urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
203.151.130.247  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sanook.com/home/25321/
Submission: On November 24 via manual from TH — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 13 countries across 92 domains to perform 512 HTTP transactions. The main IP is 203.151.130.247, located in Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 72061.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 7th 2022. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 203.151.130.247 4618 (INET-TH-A...)
92 43.132.80.21 139341 (ACE-AS-AP...)
1 182.161.73.129 55569 (CRITEO-AS...)
8 43.132.80.30 139341 (ACE-AS-AP...)
2 142.250.4.97 15169 (GOOGLE)
2 203.154.91.216 4618 (INET-TH-A...)
3 61.91.94.165 7470 (TRUEINTER...)
6 157.240.217.15 32934 (FACEBOOK)
5 23.44.0.196 16625 (AKAMAI-AS)
1 3 13.33.88.55 16509 (AMAZON-02)
1 203.151.128.145 4618 (INET-TH-A...)
2 157.240.217.17 32934 (FACEBOOK)
1 61.91.93.46 7470 (TRUEINTER...)
3 104.22.79.123 13335 (CLOUDFLAR...)
4 182.161.73.136 55569 (CRITEO-AS...)
1 74.125.24.138 15169 (GOOGLE)
1 142.251.12.155 15169 (GOOGLE)
1 3 172.217.194.155 15169 (GOOGLE)
3 104.84.172.224 16625 (AKAMAI-AS)
1 104.18.216.65 13335 (CLOUDFLAR...)
2 9 74.125.24.106 15169 (GOOGLE)
4 142.251.12.94 15169 (GOOGLE)
9 18 142.250.4.157 15169 (GOOGLE)
2 172.217.194.101 15169 (GOOGLE)
3 157.240.217.35 32934 (FACEBOOK)
2 61.91.93.41 7470 (TRUEINTER...)
3 209.58.178.57 59253 (LEASEWEB-...)
1 87.240.129.133 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (VK-AS)
3 119.81.192.134 36351 (SOFTLAYER)
28 142.251.10.156 15169 (GOOGLE)
1 61.91.94.166 7470 (TRUEINTER...)
1 172.217.194.113 15169 (GOOGLE)
2 74.125.24.156 15169 (GOOGLE)
7 23.106.249.95 59253 (LEASEWEB-...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
8 182.161.73.145 55569 (CRITEO-AS...)
7 103.231.98.193 62713 (AS-PUBMATIC)
4 52.77.152.198 16509 (AMAZON-02)
13 74.125.130.138 15169 (GOOGLE)
15 172.67.26.199 13335 (CLOUDFLAR...)
21 34.98.64.218 396982 (GOOGLE-CL...)
3 172.64.154.237 13335 (CLOUDFLAR...)
4 11 68.67.160.137 29990 (ASN-APPNEX)
3 69.173.158.65 26667 (RUBICONPR...)
3 119.81.192.141 36351 (SOFTLAYER)
3 184.25.221.62 16625 (AKAMAI-AS)
5 77.245.57.78 36057 (WEBAIR-IN...)
3 67.199.150.81 3257 (GTT-BACKB...)
6 172.64.151.162 13335 (CLOUDFLAR...)
3 4 185.84.60.20 198622 (ADFORM)
2 2 103.229.206.241 30419 (MEDIAMATH...)
25 103.231.98.194 62713 (AS-PUBMATIC)
3 3 151.101.66.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 103.229.10.247 16509 (AMAZON-02)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 1 139.162.23.100 63949 (LINODE-AP...)
2 2 23.23.131.203 14618 (AMAZON-AES)
1 202.131.200.84 17941 (BIT-ISLE ...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
4 17 142.250.4.155 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
5 103.231.98.195 62713 (AS-PUBMATIC)
3 3 34.83.125.63 396982 (GOOGLE-CL...)
4 52.74.36.190 16509 (AMAZON-02)
16 17 3.33.220.150 16509 (AMAZON-02)
4 4 52.74.13.196 16509 (AMAZON-02)
4 4 35.213.12.39 15169 (GOOGLE)
2 2 13.115.124.23 16509 (AMAZON-02)
5 5 50.116.239.135 6336 (TURN-US-ASN)
2 2 89.207.22.105 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 3 68.67.160.114 29990 (ASN-APPNEX)
3 3 202.241.208.100 4694 (IDCF IDC ...)
6 6 13.33.88.98 16509 (AMAZON-02)
2 151.101.193.108 54113 (FASTLY)
4 216.130.169.24 393710 (WEBAIR-IN...)
3 11 104.18.33.19 13335 (CLOUDFLAR...)
3 162.19.138.119 16276 (OVH)
3 54.169.203.49 16509 (AMAZON-02)
7 67.199.150.80 62713 (AS-PUBMATIC)
2 13.35.19.109 16509 (AMAZON-02)
4 16 139.5.84.243 27381 (CASALE-MEDIA)
3 6 52.46.130.91 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 18.136.172.50 16509 (AMAZON-02)
2 2 23.106.69.73 59253 (LEASEWEB-...)
2 2 37.18.103.22 205675 (HYBRID-AS)
1 23.106.127.38 59253 (LEASEWEB-...)
10 74.125.200.132 15169 (GOOGLE)
4 142.251.10.95 15169 (GOOGLE)
17 142.251.10.132 15169 (GOOGLE)
2 3.113.156.50 16509 (AMAZON-02)
2 4 35.186.193.173 15169 (GOOGLE)
4 4 18.141.93.231 16509 (AMAZON-02)
8 8 74.118.186.45 26120 (RHYTHMONE)
2 3.1.14.27 16509 (AMAZON-02)
2 4 104.18.24.173 13335 (CLOUDFLAR...)
2 195.5.165.20 44968 (IPROM-AS)
2 38.91.45.7 398989 (DEEPINTENT)
2 4 119.9.108.180 45187 (RACKSPACE...)
4 6 107.178.244.193 15169 (GOOGLE)
3 172.253.118.95 15169 (GOOGLE)
2 34.205.101.114 14618 (AMAZON-AES)
1 151.101.194.202 54113 (FASTLY)
13 172.253.118.154 15169 (GOOGLE)
4 142.250.4.94 15169 (GOOGLE)
1 172.217.194.95 15169 (GOOGLE)
3 209.85.200.94 15169 (GOOGLE)
1 1 142.251.12.113 15169 (GOOGLE)
2 74.125.109.230 15169 (GOOGLE)
1 142.250.4.149 15169 (GOOGLE)
1 1 139.162.38.30 63949 (LINODE-AP...)
2 2 70.42.32.223 22075 (AS-OUTBRAIN)
1 3 13.33.39.40 16509 (AMAZON-02)
1 13.33.100.164 16509 (AMAZON-02)
1 54.73.182.21 16509 (AMAZON-02)
1 34.107.231.31 396982 (GOOGLE-CL...)
1 151.101.194.137 54113 (FASTLY)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 162.247.241.14 23467 (NEWRELIC-...)
1 162.19.138.116 16276 (OVH)
1 2 209.58.188.181 133752 (LEASEWEB-...)
2 104.26.5.103 13335 (CLOUDFLAR...)
512 99
1    203.151.130.247 (Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 247.130.151.203.sta.inet.co.th
www.sanook.com
92    43.132.80.21 (Singapore, Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
8    43.132.80.30 (Singapore, Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
p3.isanook.com
img-as.fsanook.com
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
2    203.154.91.216 (Nonthaburi, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-216.inter.net.th
lvs2.truehits.in.th
3    61.91.94.165 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th
sal.isanook.com
6    157.240.217.15 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-xsp1.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
5    23.44.0.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    13.33.88.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-55.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    203.151.128.145 (Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 145.128.151.203.sta.inet.co.th
appx.sanook.com
2    157.240.217.17 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-xsp1.facebook.com
graph.facebook.com
1    61.91.93.46 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-46.static.asianet.co.th
sloth-api.sanook.com
3    104.22.79.123 (None, )

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
4    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    74.125.24.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f138.1e100.net
www.googleoptimize.com
1    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
www.googleadservices.com
3    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
googleads.g.doubleclick.net
3    104.84.172.224 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-172-224.deploy.static.akamaitechnologies.com
avd.innity.net
1    104.18.216.65 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
9    74.125.24.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f106.1e100.net
www.google.com
4    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.google.co.nz
18    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
adservice.google.co.nz
adservice.google.com
bid.g.doubleclick.net
2    172.217.194.101 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f101.1e100.net
www.google-analytics.com
3    157.240.217.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-xsp1.facebook.com
www.facebook.com
2    61.91.93.41 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-41.static.asianet.co.th
graph.sanook.com
3    209.58.178.57 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
data.th.giraff.io
1    87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com
vk.com
1    217.20.155.208 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
3    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
28    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
securepubads.g.doubleclick.net
1    61.91.94.166 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-166.static.asianet.co.th
getimage-member.sanook.com
1    172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net
analytics.google.com
2    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
stats.g.doubleclick.net
7    23.106.249.95 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
a.th.giraff.io
code.yengo.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
8    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
7    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    52.77.152.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
13    74.125.130.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f138.1e100.net
fundingchoicesmessages.google.com
15    172.67.26.199 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.th.giraff.io
21    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
tencentth-d.openx.net
jp-u.openx.net
us-u.openx.net
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
11    68.67.160.137 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    119.81.192.141 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 8d.c0.5177.ip4.static.sl-reverse.com
as.innity.com
3    184.25.221.62 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-221-62.deploy.static.akamaitechnologies.com
a.teads.tv
5    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
3    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
6    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
25    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li865-100.members.linode.com
gocm.c.appier.net
2    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
17    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
5    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
4    52.74.36.190 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
17    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    13.115.124.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-124-23.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    89.207.22.105 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-usadmm-ds.dotomi.com
pubmatic-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    68.67.160.114 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
6    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    216.130.169.24 (United States)

ASN393710 (WEBAIR-INTERNET-SINGAPORE, US)
sync.adkernel.com
11    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
3    54.169.203.49 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
7    67.199.150.80 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    13.35.19.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-19-109.sin5.r.cloudfront.net
static.chartbeat.com
16    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    18.136.172.50 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-172-50.ap-southeast-1.compute.amazonaws.com
d.adroll.com
2    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    37.18.103.22 (Netherlands)

ASN205675 (HYBRID-AS, DE)
dm-eu.hybrid.ai
1    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
10    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
cdn.ampproject.org
dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com
4    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
imasdk.googleapis.com
17    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
2    3.113.156.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
4    18.141.93.231 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-93-231.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
8    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    3.1.14.27 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
4    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
6    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
3    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
2    34.205.101.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-101-114.compute-1.amazonaws.com
ping.chartbeat.net
1    151.101.194.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
13    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
pagead2.googlesyndication.com
4    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
fonts.gstatic.com
1    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
ajax.googleapis.com
3    209.85.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: jl-in-f94.1e100.net
csi.gstatic.com
1    142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net
gcdn.2mdn.net
2    74.125.109.230 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s21-in-f6.1e100.net
r1---sn-ntq7ynle.c.2mdn.net
1    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
s0.2mdn.net
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com
a.c.appier.net
2    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    13.33.39.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-39-40.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    13.33.100.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-164.sin2.r.cloudfront.net
d3div1mtym39ic.cloudfront.net
1    54.73.182.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-182-21.eu-west-1.compute.amazonaws.com
global.cloud.netacuity.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
2    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
sync.aralego.com
2    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
Apex Domain
Subdomains		 Transfer
100 isanook.com
s.isanook.com — Cisco Umbrella Rank: 36762
p3.isanook.com — Cisco Umbrella Rank: 127211
sal.isanook.com — Cisco Umbrella Rank: 105637
2 MB
57 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
bid.g.doubleclick.net — Cisco Umbrella Rank: 668
548 KB
52 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 503
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 498
image6.pubmatic.com — Cisco Umbrella Rank: 681
simage2.pubmatic.com — Cisco Umbrella Rank: 625
image2.pubmatic.com — Cisco Umbrella Rank: 921
image4.pubmatic.com — Cisco Umbrella Rank: 880
t.pubmatic.com — Cisco Umbrella Rank: 4188
simage4.pubmatic.com — Cisco Umbrella Rank: 1202
280 KB
33 googlesyndication.com
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com
236 KB
30 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540
dsum.casalemedia.com — Cisco Umbrella Rank: 1395
23 KB
27 giraff.io
code.th.giraff.io — Cisco Umbrella Rank: 96733
data.th.giraff.io — Cisco Umbrella Rank: 90281
a.th.giraff.io — Cisco Umbrella Rank: 97159
cdn.th.giraff.io — Cisco Umbrella Rank: 97511
281 KB
25 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 360
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2008
adservice.google.com — Cisco Umbrella Rank: 83
52 KB
21 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 155191
jp-u.openx.net — Cisco Umbrella Rank: 8659
us-u.openx.net — Cisco Umbrella Rank: 422
5 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 307
9 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
secure.adnxs.com — Cisco Umbrella Rank: 437
acdn.adnxs.com — Cisco Umbrella Rank: 589
47 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 381
bidder.criteo.com — Cisco Umbrella Rank: 708
dis.criteo.com — Cisco Umbrella Rank: 639
10 KB
12 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1183
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 435
ups.analytics.yahoo.com — Cisco Umbrella Rank: 288
5 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 289
c.amazon-adsystem.com — Cisco Umbrella Rank: 316
9 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 421
fonts.googleapis.com — Cisco Umbrella Rank: 52
ajax.googleapis.com — Cisco Umbrella Rank: 257
513 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
63 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
136 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
310 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 430
1 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 522
3 KB
6 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 23457
3 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 628
cdn.indexww.com — Cisco Umbrella Rank: 1531
5 KB
6 innity.com
avd.innity.com — Cisco Umbrella Rank: 22624
as.innity.com — Cisco Umbrella Rank: 23048
7 KB
6 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 34374
adservice.google.co.nz — Cisco Umbrella Rank: 141343
2 KB
6 sanook.com
www.sanook.com — Cisco Umbrella Rank: 72061
appx.sanook.com — Cisco Umbrella Rank: 161214
sloth-api.sanook.com — Cisco Umbrella Rank: 163437
graph.sanook.com — Cisco Umbrella Rank: 134654
getimage-member.sanook.com — Cisco Umbrella Rank: 821957
54 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 753
2 KB
5 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 35470
2 KB
5 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 135
www.facebook.com — Cisco Umbrella Rank: 110
19 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 946
r1---sn-ntq7ynle.c.2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 274
2 MB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1144
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 783
s.tribalfusion.com — Cisco Umbrella Rank: 1813
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 735
3 KB
4 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5872
1 KB
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1555
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 293
3 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 606
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
199 KB
3 fsanook.com
img-as.fsanook.com — Cisco Umbrella Rank: 186446
141 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1182
mab.chartbeat.com — Cisco Umbrella Rank: 2093
25 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
sync.crwdcntrl.net — Cisco Umbrella Rank: 754
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 492
cdn.id5-sync.com — Cisco Umbrella Rank: 1143
19 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 898
3 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 793
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 333
api.rlcdn.com Failed
570 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 573
881 B
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1352
1 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 495
2 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 34192
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
3 KB
2 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8828
6 KB
2 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 26917
sync.aralego.com
628 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1198
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1417
683 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 556
1 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 998
401 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 830
83 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5548
556 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1333
459 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 995
1 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 18271
440 B
2 hybrid.ai
dm-eu.hybrid.ai — Cisco Umbrella Rank: 13961
831 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1003
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1471
361 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3234
745 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4711
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 738
719 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 696
1 KB
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2088
a.c.appier.net — Cisco Umbrella Rank: 19766
975 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 471
1 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 737
141 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
20 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 103738
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
145 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 252
555 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 364
9 KB
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 17733
4 KB
1 netacuity.com
global.cloud.netacuity.com — Cisco Umbrella Rank: 18212
719 B
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
44 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
357 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1342
705 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3839
466 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4141
390 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2714
243 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 22949
652 B
1 yengo.com
code.yengo.com — Cisco Umbrella Rank: 4687
341 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11151
207 B
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 27615
2 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 5385
567 B
1 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 15573
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 159
2 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1021
44 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 601
40 KB
0 loopme.me Failed
csync.loopme.me Failed
512 92
Domain Requested by
92 s.isanook.com www.sanook.com
s.isanook.com
securepubads.g.doubleclick.net
28 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
cdn.aralego.net
23 cm.g.doubleclick.net 13 redirects jp-u.openx.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
www.sanook.com
20 simage2.pubmatic.com ads.pubmatic.com
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.sanook.com
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
17 match.adsrvr.org 16 redirects www.sanook.com
16 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
www.sanook.com
15 cdn.th.giraff.io www.sanook.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
www.sanook.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.sanook.com
11 ib.adnxs.com 4 redirects www.sanook.com
acdn.adnxs.com
9 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
9 us-u.openx.net jp-u.openx.net
9 jp-u.openx.net ads.pubmatic.com
jp-u.openx.net
9 www.google.com 2 redirects www.sanook.com
securepubads.g.doubleclick.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 bidder.criteo.com www.sanook.com
static.criteo.net
7 cdn.ampproject.org securepubads.g.doubleclick.net
cdn.ampproject.org
7 t.pubmatic.com www.sanook.com
7 hbopenbid.pubmatic.com www.sanook.com
7 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
6 pixel.tapad.com 4 redirects www.sanook.com
6 sync.1rx.io 6 redirects
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 cr-p3.ladsp.com 6 redirects
6 a.th.giraff.io www.sanook.com
code.th.giraff.io
5 ad.turn.com 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 rtb-eu.andbeyond.media www.sanook.com
sync.adkernel.com
5 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
5 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
4 fonts.gstatic.com fonts.googleapis.com
4 uipglob.semasio.net 2 redirects www.sanook.com
4 pm.w55c.net 4 redirects
4 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
4 imasdk.googleapis.com securepubads.g.doubleclick.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
imasdk.googleapis.com
4 sync.adkernel.com ads.pubmatic.com
sync.adkernel.com
4 x.bidswitch.net 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 c2shb.ssp.yahoo.com www.sanook.com
4 www.google.co.nz www.sanook.com
4 gum.criteo.com static.criteo.net
gum.criteo.com
www.sanook.com
4 connect.facebook.net www.sanook.com
s.isanook.com
connect.facebook.net
3 c.amazon-adsystem.com 1 redirects www.sanook.com
3 csi.gstatic.com imasdk.googleapis.com
pagead2.googlesyndication.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
3 img-as.fsanook.com securepubads.g.doubleclick.net
3 simage4.pubmatic.com ads.pubmatic.com
3 cdn.indexww.com ssum-sec.casalemedia.com
3 tg.socdm.com 3 redirects
3 secure.adnxs.com 3 redirects
3 um.simpli.fi 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 js-sec.indexww.com ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 a.teads.tv www.sanook.com
3 as.innity.com www.sanook.com
3 fastlane.rubiconproject.com www.sanook.com
3 htlb.casalemedia.com www.sanook.com
3 tencentth-d.openx.net www.sanook.com
3 avd.innity.com avd.innity.net
www.sanook.com
3 data.th.giraff.io code.th.giraff.io
www.sanook.com
3 www.facebook.com www.sanook.com
connect.facebook.net
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.sanook.com
3 code.th.giraff.io s.isanook.com
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 sal.isanook.com www.sanook.com
2 cdn.aralego.net ads.aralego.com
2 b1sync.zemanta.com 2 redirects
2 r1---sn-ntq7ynle.c.2mdn.net e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
www.sanook.com
2 ping.chartbeat.net www.sanook.com
2 sync.crwdcntrl.net www.sanook.com
ads.pubmatic.com
2 match.deepintent.com ads.pubmatic.com
2 core.iprom.net ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 dps.jp.cinarra.com ads.pubmatic.com
2 e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.co.nz securepubads.g.doubleclick.net
2 dm-eu.hybrid.ai 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 d.adroll.com ssum-sec.casalemedia.com
2 static.chartbeat.com www.sanook.com
www.googletagmanager.com
2 id5-sync.com www.sanook.com
2 acdn.adnxs.com ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 static.xx.fbcdn.net www.facebook.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.sanook.com
2 graph.sanook.com s.isanook.com
2 www.google-analytics.com www.googletagmanager.com
www.sanook.com
2 graph.facebook.com s.isanook.com
code.th.giraff.io
2 lvs2.truehits.in.th www.sanook.com
2 www.googletagmanager.com www.sanook.com
www.googleoptimize.com
1 sync.aralego.com www.sanook.com
1 ads.aralego.com 1 redirects
1 lbs.eu-1-id5-sync.com www.sanook.com
1 lb.eu-1-id5-sync.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 cdn.id5-sync.com www.sanook.com
1 js-agent.newrelic.com www.sanook.com
1 p.adlooxtracking.com www.sanook.com
1 global.cloud.netacuity.com www.sanook.com
1 d3div1mtym39ic.cloudfront.net www.sanook.com
1 a.c.appier.net 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 mab.chartbeat.com www.sanook.com
1 ssbsync.smartadserver.com sync.adkernel.com
1 sync.adotmob.com 1 redirects
1 id.crwdcntrl.net www.sanook.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 code.yengo.com www.sanook.com
1 s.uuidksinc.net 1 redirects
1 analytics.google.com www.googletagmanager.com
1 getimage-member.sanook.com www.sanook.com
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 cdn.izooto.com s.isanook.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 sloth-api.sanook.com www.sanook.com
1 appx.sanook.com s.isanook.com
1 static.criteo.net www.sanook.com
1 www.sanook.com
0 csync.loopme.me Failed ads.pubmatic.com
0 api.rlcdn.com Failed www.sanook.com
512 147
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-07 -
2023-07-08		 a year crt.sh
*.isanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-04 -
2023-10-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-24 -
2023-09-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2022-03-19 -
2023-03-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
data.th.giraff.io
R3		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
*.ok.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-11 -
2023-11-12		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
a.th.giraff.io
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2022-02-23 -
2023-03-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.fsanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-26 -
2022-12-23		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cloud.netacuity.com
Amazon		 2022-03-27 -
2023-04-25		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-08 -
2023-01-17		 2 months crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2022-10-02 -
2022-12-31		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 71 frames:

Primary Page: https://www.sanook.com/home/25321/
Frame ID: FDFB272046C89C64A501F065511E01D7
Requests: 261 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: CCB6D453B80CE1208236D47CDD2A4C7B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 158BC421FD9F0EA00967C6BE92587AD9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: F84184E376CB33A719695BA51EAD26C2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9318F8CB0B2FE74D00133506628007AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31bd0fd06e8d6%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a9b39d5246f38%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhome%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 319C06076BC97E0ED8DA76D6CFEC850A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: F25285C3CD866528A5DCA5AA55138757
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 8302F92119AF1EFC3040DF5B46CF95D8
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 5636582515D819545B7A6CA376B1C9E6
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 681A75A578BEFE77CBB5E7EEBACDB48A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E7F85B516D7ADB192731DC274AF8EDF7
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 0E2B3923E328A09A1DA69683459FE6DF
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9C3EAE14CB92188457B6576CC1ADC0D0
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: A83B077B6CBC327C05389F23BEA920A3
Requests: 7 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 6DF2B72B185F15AC723698DCB8E72612
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
Frame ID: ACEE34338453F970972C043577C07D8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2801637f-04b7-4b00-9723-1b83462d1c44&gdpr=0&gdpr_consent=
Frame ID: 0A87879ADB3FAFD8EC198395437C2F31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y38EtwAKcMY5lgAO&gdpr=0&gdpr_consent=&_test=Y38EtwAKcMY5lgAO
Frame ID: CA4AC2F6DAD86A99AF7D8229ADFBA728
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxl9uw7cwru
Frame ID: A451A7F441EEB422E0890FED35F769FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
Frame ID: 372C10176A1F5774D1F150A02B6F8E16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3198578105936587515&gdpr=0&gdpr_consent=
Frame ID: 61F2E93CB64A4F166AD26329D05F77D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: D510BADF8363803344F13277400D2B59
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=1ldltZOaBUmqvVfVtwR_Yw
Frame ID: 013C55B52B5CCE9E61DB966B544229AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-PIt4apGRqZWV3Beavlod3RaSso
Frame ID: 07250855F4725CBB103A4FA0352129D6
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 03D460FF0DD38ED5685840385FE6550E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0E0AEB1ABFEB4E2F70A8129213451BD0
Requests: 3 HTTP requests in this frame

Frame: https://rtb-eu.andbeyond.media/user-synced?zone=136922&uid=A7537983864338538441
Frame ID: 9793766854C368338012257B6320CFE2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1B7F28A8D4CAB3F0D7BE009FAD21E19A
Requests: 3 HTTP requests in this frame

Frame: https://rtb-eu.andbeyond.media/user-synced?zone=136924&uid=A9156914857131033907
Frame ID: B06A8A8EB2AD2A8D56F1E077EEA60696
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0CBD64F6DEF019F25829B8FA1536C2C9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: DD9A716960822B855D4C989F63C2ECB2
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0A3FA354BBD7917F034F7089DAABF620
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=
Frame ID: 20973D6C773AB4887BB04E731E200429
Requests: 1 HTTP requests in this frame

Frame: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64BBEA716BFF3FA2FD1F9DEBD2BA4E09
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFE5tVMEOCM60ILaTS09ff52JzD0Ua5rt_3oRU1mbeoWkLbWMY2UvUWzLM3TIHRNyoMBh-BimGWfKfDhNmkrP5rMSRxbF8TvP1Eakigssq4tRQZWzN1feEhfqBYu8g0Ill7aKq8VzaUdwsAkFcMzp9d71l-jWsGVmTUXdd12ehMYSQj3YARfz8qkuiyKHh5Ho2kdpYFE3tIIEzwaynoVp7qoQ5P5OZJP50bQHbl8LWEjNCGajF5HQo-dfgvdNnguBxDmVwhrXEZ8kcmW97jZ29EG-AVS1l0WJxfgFenmkZeTbQqe8Xg9YFlZweR_LtNRpSsR3ncQG2ze0tCnohcwDTuLRQfZjOClS7wvOW&sai=AMfl-YQNf5XXt1ou13NE_yPB1oV18WNOsNE-H_Wz-Mh-GKfhNYg_ZsWLvyPIosp6azf2uFZxoFVl-kdii5F_6vsIs89pCjrwwfhB9tLufeCDkcDbKkPI-OcBmuAZavqr6V3n&sig=Cg0ArKJSzKiIT2UBeab3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 842149BDFEA25C872BC9E85F30B9B5D6
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuo8OG_TFMlo45XeoL9b0CT4AfHn-2wUVZZ32WZam9HX9B8ns0AjwTjU5HgXYd-RCJKblQtgXqnVdrxUz-q-YuieZSf-36Lp8yi2BIhR5p9pGllzdJV7MnPOS8028KcdH98usTcy4iLBUkA_T9c8ARrxs8KrlCGtA9WX4vqLTqAeioENXOE8brEFau9dJFkt09NU_gVupV_yV55_vGOtRfMs4JviMdMORrZZ-H86ZQMcqgYdKfqca199QYjjYvjVD4eJn0V8TQCW6lGfpLBBz3nkDa8ki_rz3_QwS9YVR7UUAskEU9yj_yeY5qDqW7rySaqz_y-OBTq6YOrqvrp2Gilnvyqyeko4ummcw6lmotZcZsXJ64&sai=AMfl-YS2HuB-llzgvGXaSMfDMtP6Y26mVf8FTIWr5BPRvBM7dAH4YPNYTSVm15MOVEnLaZdFfTwueTIoStFgQw5a14VwZlBF02Dg08RcOzy5vshLtWNQk5pq79w7q3AO4hdP&sig=Cg0ArKJSzJM9R4xlGQPwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 894103BBCBF18BBC62DDDE9846749646
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaCdlMftDwgcmDK5GZW99pXnNKZZqk5NUY7qE9j2RLH192hxjIfG_SciAmPc8dAykGzruy2E9jcBIHTSg41kE02Teat8NPbDVgNYYXnG_Ao9VIlQBBRPMO7nCyU0Nj8wJKLAoP2mjW0lSAimMT8TOo86upa-1vLBQqmc6dnGs44rJupZaBvSH8vVu_Key-2LCuW7woD26dztBCQQMm825j3SBda78gUelQVMDqLUAq8aTo6iVixkss2ugtJmmp6j3rRsV-OexHEh97WkugzYF8SQHMwBduvncl_qUC90cKRzKFdcXl4Ao55_HQQvRfW1zjB5MzfYpl0GS57WyAWP3qbKGRu4eNIZbUBcQ&sai=AMfl-YQ8n0SiEZ1233Wn1hNgTzGotf2VlqbLczb7VuiaeGgEbSPiepIB_lyuFB1EqG5RFsx3kJvLV32am9qg-3QTCwlN5uzTw8aM5_vaCEb5u4FehcFVPefNPcMS6_j50G_PSg&sig=Cg0ArKJSzKn2VyB8DWYZEAE&uach_m=[UACH]&adurl=
Frame ID: 5DA1B15AEDD101D6F005F80FB47CDAF4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWYUcU2BHzfgZOl0nDovISYrhQhlw4Az6sUNp5H7xX4sGoIufFvq8DIxyab66RiajySX3jnGaDxFyApew0Vx4O0zPxSDLWgXfBEfFgGK6o9zN_uDLFo12cBZ0IOjCy0qeuACPsY-gELH3UJnTTFyyWz60MP3I4FwqUDv8OPNP5Jmx4qXZ2t1-SNe1rylOyjtwjvbLITtSKu94iIGHskl8tN1T-yECp6Jqlm1xrxFeOflAW8_vLNdobajttp8fxosZDvSCMG-f94uv8k8hlQslynS5J_P3hl1om6uhopWxwmxGw9uBu1hx6anDO8tPKliWwfTmI8KGmU3TpPxuCCKpLfJTrv0H7&sai=AMfl-YSlHYMsmadhMPLifVLOjlJSV0XPlBHlofpNu9Fttb7c4T_8TbJEt_YBa7FuAhxuUZMpAAtu89tLM1lg_epivXCDBuhHoyU93Zi3SoxGArMHmOkAuRZw81ZD3Zrwm1am&sig=Cg0ArKJSzLFgYX5G1ZvXEAE&uach_m=[UACH]&adurl=
Frame ID: DCE69E2364B86E066E87607747EF7F75
Requests: 9 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0683D562-871D-4C89-8C7A-213479BC869E
Frame ID: 29D4A40D2C99EAC1A2EDBACCC627A4E2
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 704F2176D4BF8CAA4808005D5B3B66E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9d1bc55b6c144491a26e2bf1b04fb22d
Frame ID: 67A91D69177A1FAF7965B1C98363BF19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Frame ID: 7EBA5F1448FBF153AFA582B9BB246797
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Frame ID: 79BA6FF777956E4048E51BECFEF9D7DF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E84B651CE6A4262CFB1BA863354B449D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E1FB7D5090DF1CC47406CE1B68F57804
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 017510D950A9EC75C744ECEEEB02783A
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 13D919CB303C97164025CB3CEBA5CA4B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5E20C94BA48680566CC7FE9E98AD147E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Frame ID: A1FA69FB7D48D2EB47E97C7E7A65B62D
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0683D562-871D-4C89-8C7A-213479BC869E
Frame ID: 3396BDC57892A09530946EF9B2D2AF98
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5AAD7B6D60F66D3F5877B002D1CB2EA0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f0aed5e1b065440fbc1d0dd287fdfd72
Frame ID: CC4C7F55E9F3A0900D83F92345554EEB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Frame ID: 3D7DD364BC7EDF0AA28C164AED9DF29F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Frame ID: 06FD573F9AFB27FEA9C2E6553F8A512C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4BEC0A1A372D8353575962DD611B1B61
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 45B2A669CD13205FAC35D97DF84F7ADE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E4E28AF0BEFC70DFE2B346DC4189D503
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 48C4FB17C3DF5F76CA1123629C2ECB48
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: AFF30338933531540F5D26E5A44D59E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Frame ID: 2F37A0B23004F714252D32D74ABB7FC5
Requests: 1 HTTP requests in this frame

Frame: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33EA94E15558CA28302C6E50C39B7A57
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: C0FD55DC084D1E3BBFC387DC85E20418
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB0nIk68dvQkQ78uld-v6jU2csrkB4Eb76XKRJXk7pcQxy9HmG7uS4bDvffdq0l9gtbMk1SXy4QSJp1BjIlz73E3kTLemmaemL9LPxav9rUiOZdgVIaas6fjr85s9_iv0Fx2AN6aJPQtjBlqJLgazpsWWfF60jg4dd28VCZzSQT_VbXCDQjU5tM6UdYO0pkyF0X8Uet6e1RWWE81TNrbKZ__0EQFLKrlp1HJ0_p1eIiuEJGYH9QiDJHhNMZJ39z2CWoP48QTYdzotiEw-bRuCKfRsLnH0JUx6U1PP8pvc1wmaoqfq1uFhG7AJHwg4iUYFonBn_LA5oxcnHP1BA5pOoK3PFYUxaX17Yza1ePQ&sai=AMfl-YQKf9rrLkCM8L81TpI1KZrbdc1d7EmM--ItZHsp67lAS_Xw3kzS7-OlDhn36yEJw6-WCyOHjom2w8mtks5V0BZkOBYOnhNZzvjyor-5r1VHRHkcUSfSdqecbVi6pLnUkw&sig=Cg0ArKJSzHxyDqV-7jDOEAE&uach_m=[UACH]&adurl=
Frame ID: 8129AB0CC2B44868C88369785BC56CFA
Requests: 7 HTTP requests in this frame

Frame: https://dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8FCC7FB4E2132A03A933BE4E22C73ADD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwV08EY4fJLxpMH2fYZtdXQiqxeVFTXNV4yJjtDD-E9EG3Zr6L1oSELrrjk4d8FhZk24mveSK1X6NHajU1z7PP3_LJXNPHautJVnADvdlx-6yi9UVzzMhunOxTta3ouLPlO8PqqXQjSnhyqRrIOLocIHQmRb4VeCa04Eih0fiA7dCw2aJFDckQJyvuzgPpF5Hb2YVQ9FsowNwzePLZuMvMcn2Z4kumKs1-tHP46f_-g773bRuHsfHQlPmTCKTp4-NXxnSxkMe6vogSNo6gXCOyLDcpmhAunmKhuG4E4LnHP80DN3OCowqCxbLHJSXjyi1NWXRgYI4&sai=AMfl-YSKr2_7O_pZcr5Ivc-_VOI_C3pcEEa1t7Y8C5kKLK6nTE6E2PTCNaBVMsldF9NmfvBPmeS8hFIBWy629vK1nJ708bObxtiPXR2B20B8mAxp4EwQe0YnBGYC33gJIEVT8g&sig=Cg0ArKJSzGZL_nt9yAUlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4F217690F21B0DDAFAD9835E222B6A58
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 081FE32B2893EF496459310D10614C46
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: 979F11E174589186689DAA2AF21D9FDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 687B5BB1EDABD1150D15DD5EEF97DEA1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63D57627D4B766F2C8D0F9E1935DD423
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCAD5544857F6450C9B416A3738263E6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 203E3C65AFC41A00388688EE12896532
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

“ฉากกั้นโควิด-19” อยากได้ ทำเอง หรือที่ไหนมีขายบ้าง

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

512
Requests

85 %
HTTPS

0 %
IPv6

92
Domains

147
Subdomains

99
IPs

13
Countries

7336 kB
Transfer

18237 kB
Size

161
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
Request Chain 114
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=260535345.1669268656&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sQR_Y6SfDvvC4t4PrN6-wA4&sscte=1&crd=&eitems=ChAIgKb3mwYQi8OzmN7A5bY-Eh0A7JgbwlqbkN2kn1NjIOk2CcP5RvSz0czSZCfF7g&pscrd=Ek5DaEVJZ0tiM213WVEzcm14eEtLWXhZeUZBUklsQVB4VTFaUUFzbFMyZWU5QUN5akp3X3hYOEVaaVNvMk9IV2p2Sl85MjMxWjN2Y3R2dHcaWENoRUlnS2IzbXdZUWpJN2xfOHpHX1BUVkFSSXRBSlNlMERlUUZHRkRXTDZVbWlBWVdrU2VWckpnc1FzcnAwWklGY0QtWDh5alpGNThzU2RnSUUzZmVWSW8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=260535345.1669268656&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tiM213WVEzcm14eEtLWXhZeUZBUklsQVB4VTFaUUFzbFMyZWU5QUN5akp3X3hYOEVaaVNvMk9IV2p2Sl85MjMxWjN2Y3R2dHcaWENoRUlnS2IzbXdZUWpJN2xfOHpHX1BUVkFSSXRBSlNlMERlUUZHRkRXTDZVbWlBWVdrU2VWckpnc1FzcnAwWklGY0QtWDh5alpGNThzU2RnSUUzZmVWSW8&is_vtc=1&ocp_id=sQR_Y6SfDvvC4t4PrN6-wA4&cid=CAQSKQDq26N9DFohFlfv7bByq8C1_sWuASEAzRfKLL40VZexIa0TmYviefmLIBM&eitems=ChAIgKb3mwYQi8OzmN7A5bY-Eh0A7JgbwixuFi2S3KJb5Lk_-7bRntzKP_wPz5cgcQ&random=4286054044 HTTP 302
  • https://www.google.co.nz/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=260535345.1669268656&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tiM213WVEzcm14eEtLWXhZeUZBUklsQVB4VTFaUUFzbFMyZWU5QUN5akp3X3hYOEVaaVNvMk9IV2p2Sl85MjMxWjN2Y3R2dHcaWENoRUlnS2IzbXdZUWpJN2xfOHpHX1BUVkFSSXRBSlNlMERlUUZHRkRXTDZVbWlBWVdrU2VWckpnc1FzcnAwWklGY0QtWDh5alpGNThzU2RnSUUzZmVWSW8&is_vtc=1&ocp_id=sQR_Y6SfDvvC4t4PrN6-wA4&cid=CAQSKQDq26N9DFohFlfv7bByq8C1_sWuASEAzRfKLL40VZexIa0TmYviefmLIBM&eitems=ChAIgKb3mwYQi8OzmN7A5bY-Eh0A7JgbwixuFi2S3KJb5Lk_-7bRntzKP_wPz5cgcQ&random=4286054044&ipr=y&prhg=0
Request Chain 147
  • https://s.uuidksinc.net/match/480/?remote_uid=367985734 HTTP 302
  • https://code.yengo.com/sync?dsp=kadam&id=BoYlq4lWAIsO2dd7knb2
Request Chain 212
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2801637f-04b7-4b00-9723-1b83462d1c44&gdpr=0&gdpr_consent=
Request Chain 214
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y38EtwAKcMY5lgAO HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y38EtwAKcMY5lgAO&gdpr=0&gdpr_consent=&_test=Y38EtwAKcMY5lgAO
Request Chain 215
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxl9uw7cwru
Request Chain 216
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
Request Chain 217
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3198578105936587515&gdpr=0&gdpr_consent=
Request Chain 218
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 219
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=1ldltZOaBUmqvVfVtwR_Yw
Request Chain 220
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-PIt4apGRqZWV3Beavlod3RaSso
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BoPVYocdTImMeiE0ebyGng%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 223
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0683D562-871D-4C89-8C7A-213479BC869E HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDA2ODNENTYyLTg3MUQtNEM4OS04QzdBLTIxMzQ3OUJDODY5RRAAGg0It4n8mwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a9b47a9a4230836048240704628b027be4d4d0841368ada95111cd5939653f53791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhOWI0N2E5YTQyMzA4MzYwNDgyNDA3MDQ2MjhiMDI3YmU0ZDRkMDg0MTM2OGFkYTk1MTExY2Q1OTM5NjUzZjUzNzkxNDI2YjU0MTdkY2UyMRAAGgwIuIn8mwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhOWI0N2E5YTQyMzA4MzYwNDgyNDA3MDQ2MjhiMDI3YmU0ZDRkMDg0MTM2OGFkYTk1MTExY2Q1OTM5NjUzZjUzNzkxNDI2YjU0MTdkY2UyMRAAGgwIuIn8mwYSBAgCEABCAEoA&google_gid=CAESEJc-bDNvWWkyy4L8ck1j2T8&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=72c14ec7-0ad2-4840-a507-bcece64ec10f
Request Chain 224
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5519637f-04b7-4500-9b6a-7f6f3b1588d5
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDY4M0Q1NjItODcxRC00Qzg5LThDN0EtMjEzNDc5QkM4NjlF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcJ9n9zmVq5NGuIOI3d48U&google_cver=1
Request Chain 227
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&gdpr=0&gdpr_consent=
Request Chain 230
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0683D562-871D-4C89-8C7A-213479BC869E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nEJbCnBE2uVspRgP3Qwc5eoebZnmiU4-~A&gdpr=0&gdpr_consent=
Request Chain 231
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3744983394933995990
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b5488070-4332-48dd-8be1-941799492168&user_group=1&ssp=pubmatic&bsw_param=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 233
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7007434875126765404&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 234
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7020947fb7771b23&is_secure=true&networkId=17100&version=1&nuid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApWdimy0AMnWzKsAAAAAAA&expiration=1669355065&nuid=0683D562-871D-4C89-8C7A-213479BC869E&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 235
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3198578105936587515
Request Chain 236
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=6935377281088837468&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 237
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Request Chain 238
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5s8AAOCPjFYAAAAA
Request Chain 239
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeRIJ568i_zks8ADxz9kNnA9s8AAAGEqCpvEQ
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Request Chain 242
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7079492469164693340&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Request Chain 244
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5ucAABU37MUAAAAA
Request Chain 245
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQdnDrMQSnmHks8ADxz9kNnA888AAAGEqCpvDg
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Request Chain 248
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3762872818583033692&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 249
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Request Chain 250
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5swAAJZcfXQAAAAA
Request Chain 251
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcSwvrtGQpBtks8ADxz9kNnA9M8AAAGEqCpvDw
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Request Chain 258
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 260
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 277
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38EtxD0v6ddYPL1fRccmwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Request Chain 280
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&dcc=t
Request Chain 281
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
Request Chain 282
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0869220419bddfe4759b696b&expiration=[EXPIRATION]
Request Chain 284
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7439780439354333020
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&dcc=t
Request Chain 287
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38Et-H7.P2A086OIfb25QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Request Chain 289
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Request Chain 290
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y38EtwAKcMY5lgAO
Request Chain 291
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_637f04b8d3d93&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637f04b8d3d93
Request Chain 292
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
Request Chain 293
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38Et-H7.P2A086OIfb25QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
Request Chain 296
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Request Chain 298
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&dcc=t
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
Request Chain 301
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Request Chain 302
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZujGhoaGRwxqrHyZbyGTI3RaSso
Request Chain 304
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D136922%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=136922&dsp=520869&t=image&uid=6948bd2837139bb6894f
Request Chain 305
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D136924%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=136924&dsp=520869&t=image&uid=0f808137122eb5258049
Request Chain 358
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9d1bc55b6c144491a26e2bf1b04fb22d
Request Chain 359
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Request Chain 360
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669268666590 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2968548022 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/5991ec9a-6f95-4278-8bf4-53cd73b3fe51 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Request Chain 362
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 366
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Request Chain 367
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 369
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
Request Chain 370
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 372
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
Request Chain 375
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f0aed5e1b065440fbc1d0dd287fdfd72
Request Chain 376
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Request Chain 377
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669268666590 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5016456853 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/5991ec9a-6f95-4278-8bf4-53cd73b3fe51 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Request Chain 379
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 383
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Request Chain 439
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 460
  • https://gcdn.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2042AC19360BDC4D8D37973313F21FB00A1916E8.88DA526291DCC60566CD24D7B9E45ED76A16BA82/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B894708E55269279455CD806586C2ADB4BF0112.0F5543AA901A44C61BFAF2E29A99A75C14C4610A/key/cms1/cms_redirect/yes/mh/8U/mip/116.90.74.202/mm/42/mn/sn-ntq7ynle/ms/onc/mt/1669268235/mv/m/mvi/1/pl/24/file/file.mp4
Request Chain 464
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFRvlHRwr9jKRMEeBiCWEC4&google_cver=1&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLjYa5XX6tu0N4eWuo7DuL9VgvZWod55oXZiu_sWQzOmNG2A9_lmutUp2ON1tQxMSwNnZcGT6EjAijDs68LkDas-Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLjYa5XX6tu0N4eWuo7DuL9VgvZWod55oXZiu_sWQzOmNG2A9_lmutUp2ON1tQxMSwNnZcGT6EjAijDs68LkDas-Z&google_hm=aYHJ6Fbif8wAKHf82MgueA
Request Chain 465
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB07Go8Q84Unj5eax27gNlE&google_cver=1&google_push=ASkJ3FbXHBzssfI-gI7M3qit5wRQJY_y31eN-mmJtfkJ0Cde8omAWhzyr2V1cLn6tFioTFM9lxxvheA0VAku2iSjLrhbDIaZnIceazNl_eVKd2nqkM-qd6UTGjnT_bNymwolC6sKvoiL0Ioo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTk5MWVjOWEtNmY5NS00Mjc4LThiZjQtNTNjZDczYjNmZTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5991ec9a-6f95-4278-8bf4-53cd73b3fe51
Request Chain 466
  • https://a.c.appier.net/gcm?google_gid=CAESEFAlJllChRCzj4p7yAY0XGk&google_cver=1&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsUmLLcpl1lMjechhk_7y0O27zGRZ_5SXD7BrEQMPVMS6cPBYRCSHMDvu3dfhh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MWxkbHRaT2FCVW1xdlZmVnR3Ul9Zdw%3D%3D&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsUmLLcpl1lMjechhk_7y0O27zGRZ_5SXD7BrEQMPVMS6cPBYRCSHMDvu3dfhh
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGzl82hRT81cf0dhlba4Tj8&google_cver=1&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRXaYfLDFQXiz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRXaYfLDFQXiz&google_hm=M-j6xqqeTcm1jeGhhdyysg==
Request Chain 468
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGj-flkB7tw2Nh8LHE-X-F8&google_cver=1&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Uxo_gR3ikTF6oIZ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGj-flkB7tw2Nh8LHE-X-F8&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Uxo_gR3ikTF6oIZ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Uxo_gR3ikTF6oIZ&google_hm=VVZhcEpOQmdndUJRNG85b2Y1UnE=
Request Chain 469
  • https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1&google_push=ASkJ3FYfcb7bcDRFnN0TvejD9VL2LRSiNWRNBO5omkqIlBAz_DipYmN2UYOkoLZ-R-uYdml8XspSy5knumlonSf0W99DSc-23AidlFArZ4O8zKSu4OD011lLK2bgU1Cd69NXrX3n3T3LUYs- HTTP 302
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3198578105936587515
Request Chain 470
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeCwTM-YLsFLD-VK6JU6S-Ig7EABWhk9nfxDuoC6ZfKz40MPosoJcceHddJ7mayChixNYBXBc-vtW9KpEeNjgXaHj1UUekmAyUAuwiJSNNjxtvPVKHFe5Cz4J_ngN520qO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5ODU3ODEwNTkzNjU4NzUxNQ%3D%3D&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeCwTM-YLsFLD-VK6JU6S-Ig7EABWhk9nfxDuoC6ZfKz40MPosoJcceHddJ7mayChixNYBXBc-vtW9KpEeNjgXaHj1UUekmAyUAuwiJSNNjxtvPVKHFe5Cz4J_ngN520qO
Request Chain 474
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 509
  • https://ads.aralego.com/cookiesync HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/cookiesync
Request Chain 514
  • https://sync.aralego.com/idsync?usprivacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e15561ca-e827-3e25-ac79-d2a1f674c4a1?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Vb.GA.1E2oXYMG_tHpUd14Gug3BV4YNfAslFzAI-~A&redirect=

512 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/home/25321/ 		240 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.151.130.247 Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
247.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
346463599018e0f2d04fe422bb559325382b21b8e1d80cec3f5c9fc8875fef0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 05:44:10 GMT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human
X-Ua-isExpReadpage
0
X-Ua-shouldPass
0
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:36:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2806806283942544113
accept-ranges
bytes
content-length
550
expires
Sun, 18 Dec 2022 13:36:41 GMT
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Nov 2022 05:44:11 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18027743888340666325
accept-ranges
bytes
content-length
266
b007faf491a6ca658c50.css
s.isanook.com/sr/0/_next/static/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/b007faf491a6ca658c50.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e0f2a1ee1b729c0d0f2c91bd7932130646b6fa4b4c41479a079935aa6d35cf3c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 02:33:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 14 Nov 2022 09:05:05 GMT
server
Lego Server
age
0
etag
W/"637204c1-a50b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10966884992382035754
accept-ranges
bytes
content-length
8806
expires
Thu, 15 Dec 2022 02:33:41 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 13:11:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6871
server
Lego Server
age
1178875
etag
W/"63609299-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15065888711255877560
accept-ranges
bytes
content-length
2537
expires
Wed, 07 Dec 2022 21:04:02 GMT
617-5cad0d06573dab8c8b0a.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:34:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
16291
server
Lego Server
age
639429
etag
W/"637204c0-3fa3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10489662882689091415
accept-ranges
bytes
content-length
4577
expires
Wed, 14 Dec 2022 14:56:55 GMT
1033-31010cf766d7416adbae.js
s.isanook.com/sr/0/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1033-31010cf766d7416adbae.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
408d7c817bb914e45a637946c84034557c79acba44f7b0bb3d95d23a992859a2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 16:33:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:32:56 GMT
server
Lego Server
age
138979
etag
W/"637378e8-1e49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5498171942935316219
accept-ranges
bytes
content-length
2515
expires
Fri, 16 Dec 2022 16:33:54 GMT
5886-0250f3a1d32ffcdd3e37.js
s.isanook.com/sr/0/_next/static/chunks/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5886-0250f3a1d32ffcdd3e37.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 07:56:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
82185
server
Lego Server
age
233980
etag
W/"637204bf-14109"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16916828900262913803
accept-ranges
bytes
content-length
26159
expires
Wed, 14 Dec 2022 14:30:02 GMT
4618-3d771c0818823fd8f756.js
s.isanook.com/sr/0/_next/static/chunks/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2267c122ec0dda33597b1c2b0507c64b8bdba8400ed9e3f47de4d1f436d83f9a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:20:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
85859
server
Lego Server
age
803079
etag
W/"6371fd97-14f63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10695218074994515743
accept-ranges
bytes
content-length
24982
expires
Wed, 14 Dec 2022 08:55:00 GMT
5884-96c7c5b8d105dc707520.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5884-96c7c5b8d105dc707520.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 01:51:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13796
server
Lego Server
age
0
etag
W/"637204bf-35e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4684966588035592960
accept-ranges
bytes
content-length
4354
expires
Thu, 15 Dec 2022 01:51:25 GMT
6323.f6599acaf316dbbbdf68.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6323.f6599acaf316dbbbdf68.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b2b0929b20623ba4c0bb366fe428f6bb4a82fbb7342a16cc0cdf5b81a7eec0a2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 09:10:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 14 Nov 2022 09:05:03 GMT
server
Lego Server
age
0
etag
W/"637204bf-2471"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3078414906994282925
accept-ranges
bytes
content-length
3400
expires
Wed, 14 Dec 2022 09:10:28 GMT
2182-2de900c55b59a3a8ff15.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2182-2de900c55b59a3a8ff15.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 07:56:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:32:58 GMT
server
Lego Server
age
0
etag
W/"637378ea-424f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2334822286969261460
accept-ranges
bytes
content-length
3746
expires
Sat, 17 Dec 2022 07:56:35 GMT
7634-c8c4fa44c7469a441f00.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-c8c4fa44c7469a441f00.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
45b5fa3e374e32a63cc6da5d2e658a5ca953087ef76af2d16a28d06d8ea4ce61

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 07:32:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
14775
server
Lego Server
age
0
etag
"637b2726-39b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2192417429017895481
accept-ranges
bytes
content-length
2629
expires
Wed, 21 Dec 2022 07:32:31 GMT
3410-6c875fd3966a0ae895d7.js
s.isanook.com/sr/0/_next/static/chunks/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3410-6c875fd3966a0ae895d7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
385addf3395866c92278f92a99cd094fe889793887f0d4b02ae4b53a7e4cbe9d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 18:30:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
20634
server
Lego Server
age
257266
etag
W/"637378e8-509a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3493025738588230681
accept-ranges
bytes
content-length
4689
expires
Fri, 16 Dec 2022 19:00:49 GMT
1039-aa46969675f165e874fb.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1039-aa46969675f165e874fb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d8d21e31c01e70d6b42e44b60dafd8e5c7f2db23fddcb812035cb6400607af85

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 07:35:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 01 Nov 2022 03:29:27 GMT
server
Lego Server
age
1086263
etag
W/"63609297-4264"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2875965493234842227
accept-ranges
bytes
content-length
3622
expires
Tue, 06 Dec 2022 17:50:56 GMT
6754-625837ab35d8b53f8d4c.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6754-625837ab35d8b53f8d4c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
23f6b7576d03900e1ea17080e9019b032de26273914d90ca6008b83b9e2cd7fa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:08:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:38 GMT
server
Lego Server
age
175949
etag
W/"63775046-3642"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13267303322930289402
accept-ranges
bytes
content-length
3257
expires
Tue, 20 Dec 2022 05:16:19 GMT
930-f08ca081765fe3a431c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		55 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/930-f08ca081765fe3a431c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5110aab5d36edcf2017880c9c458460e7bd680a0f68c0f74bef3962a572e7f79

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:19:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
55826
server
Lego Server
age
778091
etag
W/"6371fd97-da12"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1139863309244580218
accept-ranges
bytes
content-length
9189
expires
Wed, 14 Dec 2022 08:55:00 GMT
8282-0ef63d090c0c189dcc83.js
s.isanook.com/sr/0/_next/static/chunks/ 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8282-0ef63d090c0c189dcc83.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f74ce812ddb6dfd7e960b04ca7b0317f7cd0cf02bde402525241e6f4f5630e41

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 10:10:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Nov 2022 10:51:04 GMT
server
Lego Server
age
0
etag
W/"636b8618-7a74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14031818406479613863
accept-ranges
bytes
content-length
4564
expires
Tue, 13 Dec 2022 10:10:48 GMT
9645-bf6c79def3bb299bfb6c.js
s.isanook.com/sr/0/_next/static/chunks/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9645-bf6c79def3bb299bfb6c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f4d3664e9c8206462a5d8d3375f21ec961b0d45ad2a0909b8d162473064424db

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:38:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
41207
server
Lego Server
age
88
etag
W/"637edd3e-a0f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1094208596746644771
accept-ranges
bytes
content-length
8621
expires
Sat, 24 Dec 2022 03:38:03 GMT
6295-abaa783086c2fbc07917.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6295-abaa783086c2fbc07917.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3609f7ec58d2e4536a4287ccacfd71b0f1785da88eaa76a1606ff921c9a9067f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 17:21:08 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:32:57 GMT
server
Lego Server
age
103170
etag
W/"637378e9-2fed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7187305346061302154
accept-ranges
bytes
content-length
3690
expires
Fri, 16 Dec 2022 17:21:08 GMT
1371.b483b0ca91baca3f5ab0.js
s.isanook.com/sr/0/_next/static/chunks/ 		175 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1371.b483b0ca91baca3f5ab0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
04424cbb2eb9da61755964e44a25d7eede5c03b70f505690d7ee194f8803118d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:38:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
179708
server
Lego Server
age
0
etag
W/"637edd40-2bdfc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10881256851256787057
accept-ranges
bytes
content-length
34330
expires
Sat, 24 Dec 2022 03:38:03 GMT
2043.be10e3e5f3854c874df3.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2043.be10e3e5f3854c874df3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:38:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
16389
server
Lego Server
age
990244
etag
W/"63609299-4005"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7108046390192598204
accept-ranges
bytes
content-length
3812
expires
Sun, 04 Dec 2022 19:33:02 GMT
1957.33ae9332647f96a68f97.js
s.isanook.com/sr/0/_next/static/chunks/ 		225 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1957.33ae9332647f96a68f97.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
50a668fab0efe7a5e31290bf21b2bcc40554b44c3556aba9a2e4a60b38bad6a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:38:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
229926
server
Lego Server
age
0
etag
W/"637edd40-38226"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11840110848327333056
accept-ranges
bytes
content-length
37497
expires
Sat, 24 Dec 2022 03:38:03 GMT
webpack-94d9c331fffc20932aef.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5f21698aa6edc1e7617e25ab5d6ed60285c07287fe98251b04dcdaeb7161d1d1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7145
server
Lego Server
age
0
etag
W/"637edd3e-1be9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14906988362693146444
accept-ranges
bytes
content-length
3652
expires
Sat, 24 Dec 2022 03:37:57 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 10:47:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:32:58 GMT
server
Lego Server
age
0
etag
W/"637378ea-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9267424550870440792
accept-ranges
bytes
content-length
45781
expires
Fri, 16 Dec 2022 10:47:28 GMT
main-bcf4d111f618a82e6a4e.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 03:36:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:39 GMT
server
Lego Server
age
0
etag
"63775047-12af2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16107913540434034608
accept-ranges
bytes
content-length
23884
expires
Wed, 21 Dec 2022 03:36:56 GMT
_app-b1a8206d5a68393595d1.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		704 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b719b12816ae6609a58830573b4f2bd5d410e4c6e83edb62c480066f25a4cf07

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 06:06:17 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"63775047-b005a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15922012946451534069
accept-ranges
bytes
content-length
174482
expires
Tue, 20 Dec 2022 06:06:17 GMT
2641-f644de276003517d4cf1.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2641-f644de276003517d4cf1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 07:43:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
30055
server
Lego Server
age
0
etag
W/"637b2725-7567"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12073549807773069639
accept-ranges
bytes
content-length
7692
expires
Wed, 21 Dec 2022 07:43:06 GMT
6261-83d84d8a907c771b925e.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6261-83d84d8a907c771b925e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7874f5de129953916f7fff8debfc15f90f17e8b8138e209c93368106cfb24a95

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:59:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
29416
server
Lego Server
age
0
etag
W/"636b8619-72e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8619637703150071054
accept-ranges
bytes
content-length
6713
expires
Tue, 13 Dec 2022 09:59:26 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 07:54:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13794
server
Lego Server
age
132793
etag
W/"63775045-35e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7203747449751930706
accept-ranges
bytes
content-length
4712
expires
Mon, 19 Dec 2022 19:00:40 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 03:40:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
50816
server
Lego Server
age
11599
etag
W/"63775046-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14024350142563476518
accept-ranges
bytes
content-length
16570
expires
Wed, 21 Dec 2022 03:40:04 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Nov 2022 02:55:59 GMT
server
Lego Server
age
271
etag
W/"637edd3f-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5256057629443349141
accept-ranges
bytes
content-length
2807
expires
Sat, 24 Dec 2022 03:37:57 GMT
497-57b8d1749c6364be3409.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/497-57b8d1749c6364be3409.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
02d87655ea57925a407344fb207920270b0f67db739fee52288dcf19c5cd23f6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:33:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:39 GMT
server
Lego Server
age
0
etag
W/"63775047-7440"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4572505841915104164
accept-ranges
bytes
content-length
8482
expires
Sun, 18 Dec 2022 13:33:13 GMT
730-5d7513a69b73aba91839.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/730-5d7513a69b73aba91839.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f0bb9c9c72b6f31a523adc1edc904fc5a8f2868bc10c4819de335d73501ce4ac

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 10:56:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
10812
server
Lego Server
age
0
etag
W/"63775047-2a3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15804343047955154967
accept-ranges
bytes
content-length
3561
expires
Sun, 18 Dec 2022 10:56:39 GMT
7754-6dfa22c88358c185ebf9.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7754-6dfa22c88358c185ebf9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
175669f8054fb79757d2b5c742e164601a9d9b5a690125ce4a3a8afd56ec4f09

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 08:41:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
4867
server
Lego Server
age
31492
etag
W/"63775046-1303"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15726326701441298230
accept-ranges
bytes
content-length
2216
expires
Mon, 19 Dec 2022 14:27:25 GMT
2987-b04e740aa833af31131e.js
s.isanook.com/sr/0/_next/static/chunks/ 		98 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2987-b04e740aa833af31131e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6ce0dcecdaa6d3ab36ea92b785c05ab7521a7eb5e2b98a6987cd16f72f7e6985

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:10:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:38 GMT
server
Lego Server
age
0
etag
W/"63775046-1869f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9701208854280993208
accept-ranges
bytes
content-length
17963
expires
Mon, 19 Dec 2022 04:10:18 GMT
4773-779726919053d0f50e42.js
s.isanook.com/sr/0/_next/static/chunks/ 		387 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4773-779726919053d0f50e42.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6fd36494170606224d58be155db93df5922162d648b043654edfcdbaf329e422

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:39:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
396344
server
Lego Server
age
18
etag
W/"6376ec7d-60c38"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9774769002886633789
accept-ranges
bytes
content-length
66551
expires
Sun, 18 Dec 2022 03:39:11 GMT
7141-3a6fd1461c6826f0dbc1.js
s.isanook.com/sr/0/_next/static/chunks/ 		255 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7141-3a6fd1461c6826f0dbc1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3020093e634ce3e78925ff9fc55f11ef0699d7b609a647eecb6321f3c6e42d22

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 02:07:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
261222
server
Lego Server
age
280055
etag
W/"637378e8-3fc66"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1831861899612508429
accept-ranges
bytes
content-length
20440
expires
Sun, 18 Dec 2022 02:07:11 GMT
3316-5a7e4037b0214cc03035.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-5a7e4037b0214cc03035.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6df3fae0f95fcbd6e771bb55bf0115c3d1f29cf5f68ffc965cc0ba3188a697e4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
17690
server
Lego Server
age
0
etag
W/"637edd3f-451a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
521419056744536118
accept-ranges
bytes
content-length
4235
expires
Sat, 24 Dec 2022 03:37:57 GMT
8316-9cbc4ea4fe90547fb151.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8316-9cbc4ea4fe90547fb151.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
961d229d175028fbfd3d00e81feb209f7387faf364b214e228fa13d49cded016

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:00:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 22 Nov 2022 03:49:27 GMT
server
Lego Server
age
59945
etag
W/"637c46c7-243b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6845304833450176807
accept-ranges
bytes
content-length
3150
expires
Thu, 22 Dec 2022 08:21:00 GMT
6850-2d2c0141d03d3cf2c851.js
s.isanook.com/sr/0/_next/static/chunks/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6850-2d2c0141d03d3cf2c851.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
85a00a5b4fee097fe191dbc68564d9601f979f3ceced79ffb8f222348d4a3586

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
20099
server
Lego Server
age
103
etag
W/"637edd3f-4e83"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10527096853223667125
accept-ranges
bytes
content-length
5099
expires
Sat, 24 Dec 2022 03:37:59 GMT
entry-416692883aaa7978b722.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/entry-416692883aaa7978b722.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6df794147891582a1b2206cbc0db006cbef4bbd41ca371278a67658a1fbfca9c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
44868
server
Lego Server
age
103
etag
W/"637edd3f-af44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14791730405980300771
accept-ranges
bytes
content-length
10175
expires
Sat, 24 Dec 2022 03:37:59 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/KilHYOU9NjJ0gKJ8Sp-E2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/KilHYOU9NjJ0gKJ8Sp-E2/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bdf905c84c6e5a3c201025266020539ceb820597c68014b31290f5eb897c1ddf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
20090
server
Lego Server
age
0
etag
W/"637edae2-4e7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
399975871787703208
accept-ranges
bytes
content-length
5307
expires
Sat, 24 Dec 2022 03:37:57 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/KilHYOU9NjJ0gKJ8Sp-E2/ 		77 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/KilHYOU9NjJ0gKJ8Sp-E2/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
77
server
Lego Server
age
0
etag
"637edae2-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18026685833592105425
accept-ranges
bytes
content-length
61
expires
Sat, 24 Dec 2022 03:37:57 GMT
gtm.js
www.googletagmanager.com/ 		220 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7f858d2bff3b98fdad47ee09915e4bb07e717e2e1d693edf309fb0489c6c4857
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72534
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Nov 2022 05:44:15 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.216 Nonthaburi, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-216.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7340c8ee92ceeab2e41ed0d5fce789dd64f636c34f5c2afcd0b673edf082c734

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:15 GMT
last-modified
Thu, 17 Nov 2022 07:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
9137
expires
Thu, 1 Dec 2022 5:44:15 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:15 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Sat, 24 Dec 2022 05:44:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Nov 2022 05:44:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hqczOWZjlzyS06N68mcC0cqNDdQJ5lp6+6d24fkm7vaYJGYYonCWHYe9nG7fGb9GNNWKo0Ha+7QeeoAhIXjXDA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:14 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
"4d5107cb-2b"
content-type
image/gif
x-nws-log-uuid
5475999528429076777
accept-ranges
bytes
content-length
43
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:34:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 23 Nov 2022 06:06:42 GMT
server
Lego Server
age
0
etag
"637db872-b1f"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
10419056553873691409
accept-ranges
bytes
content-length
2847
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 21:03:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:09 GMT
server
Lego Server
age
0
etag
W/"637378f5-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4800436247923012160
accept-ranges
bytes
content-length
548
expires
Thu, 15 Dec 2022 21:03:07 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 07:54:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 21 Nov 2022 07:22:26 GMT
server
Lego Server
age
0
etag
W/"637b2732-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6282055651489368470
accept-ranges
bytes
content-length
6747
expires
Wed, 21 Dec 2022 07:54:22 GMT
wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:42:14 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:09 GMT
server
Lego Server
age
0
etag
"637378f5-bec"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
6595867004615093235
accept-ranges
bytes
content-length
3052
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:48:48 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 22 Nov 2022 10:03:48 GMT
server
Lego Server
age
0
etag
"637c9e84-8c6"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
12869057846172083314
accept-ranges
bytes
content-length
2246
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9wYXJ0aXRpb24uanBn.webp
s.isanook.com/hm/0/rp/rc/w728h437/yatxacm1w0/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w728h437/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9wYXJ0aXRpb24uanBn.webp
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
14dc2aa36170005738abb3603f00e4fba515c105c54c1407f29e7036d297a2af

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:15:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10634271170415917438
accept-ranges
bytes
content-length
47226
expires
Thu, 15 Dec 2022 07:15:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS8wMmI5MDg0YzNhZmU2MjcxOTI2NWE0ZDI1MTIzMS5qcGc=.jpg
s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS8wMmI5MDg0YzNhZmU2MjcxOTI2NWE0ZDI1MTIzMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
88840e806afc7ce7aad50351671a625b05f5ec3cba018f2e4697a5e1a4fe2f12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:28:18 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7726318003961601415
accept-ranges
bytes
content-length
84613
expires
Fri, 23 Dec 2022 04:28:18 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE0LmpwZw==.jpg
s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE0LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d4d385116b169a73dbb5b4954328b178dc4896de4afe21451878b15ceb6aa56e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:15:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1075622707499215996
accept-ranges
bytes
content-length
20350
expires
Thu, 15 Dec 2022 07:15:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE1LmpwZw==.jpg
s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE1LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d021bc2a53f6e00b6e9c304fb86b902a7b56fc6f557f0355fcec644c2cd2b26e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:15:18 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5325382723021666379
accept-ranges
bytes
content-length
80949
expires
Thu, 15 Dec 2022 07:15:18 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE3LmpwZw==.jpg
s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE3LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8bfe1221f9763250929302a409013542ae31afe1cc59a9c038b76e6dd9f1b666

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:15:18 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9380626571119174535
accept-ranges
bytes
content-length
37581
expires
Thu, 15 Dec 2022 07:15:18 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE4LmpwZw==.jpg
s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNTMyMS9pbWFnZTE4LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
630ac1badd97b04a0e75524dab05f2dc502692e58611d77a99c6aa86abaa092f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:15:18 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12534497651670869296
accept-ranges
bytes
content-length
40145
expires
Thu, 15 Dec 2022 07:15:18 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvMi8xMjg2OS9tYWluYi5qcGc=.jpg
s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvMi8xMjg2OS9tYWluYi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f9d8ca8fda463dbf8a16c3f002df03ccb938737e071449823681273fcd211095

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 05:42:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7306866099633608276
accept-ranges
bytes
content-length
23882
expires
Wed, 21 Dec 2022 05:42:25 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNzY0MS90bmhvbWUxMTEuanBn.jpg
s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yNzY0MS90bmhvbWUxMTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b7d8b2d40caaca85c76faf4b8b9755236373e14030f7df968fc1d610191ec5ec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:13:30 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17829392105412494476
accept-ranges
bytes
content-length
14451
expires
Thu, 22 Dec 2022 06:13:30 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yODM0MS90bmhvbWUyMDIyLmpwZw==.jpg
s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNS8yODM0MS90bmhvbWUyMDIyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d796897ebeeb3a78cb892cc90935b28fc25b2021d6ed5584fcebd186a507e7ae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:10:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17827474323044400101
accept-ranges
bytes
content-length
22844
expires
Sun, 18 Dec 2022 15:10:39 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNy8zNTYzMy90bmhvbWUzMy5qcGc=.jpg
s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNy8zNTYzMy90bmhvbWUzMy5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9d3626a3bb3438eaac74866467e001d50480e6edac1b89cb7bca3c0ba79f1850

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 00:55:16 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15777779551590800773
accept-ranges
bytes
content-length
26895
expires
Sat, 24 Dec 2022 00:55:16 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNy8zNTcwNS90bmhvbWUxMDEuanBn.jpg
s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdWQvNy8zNTcwNS90bmhvbWUxMDEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4291f90b8ec57434058ca86221ad072e2b06f1a5ef3eeb798cc2696b7b792d9f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:38:08 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
14960
server
Lego Server
age
0
etag
W/"PSA-aj-0kX5Vsv5RU"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2588368
x-nws-log-uuid
10277922194096950308
accept-ranges
bytes
content-length
12559
expires
Fri, 23 Dec 2022 10:37:37 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		487 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5c9ffe1bfb0d4ac195af879d7ce333dde2534bb66d93e990d52c421891d8b746

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"PSA-aj-2J8lsPvpC5"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16061784407165740414
accept-ranges
bytes
content-length
323
db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
s.isanook.com/sr/0/js/izooto/ 		209 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:16:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:24 GMT
server
Lego Server
age
0
etag
W/"63737904-34574"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18049065207060032043
accept-ranges
bytes
content-length
55174
expires
Sat, 17 Dec 2022 13:16:21 GMT
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:05:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:53 GMT
server
Lego Server
age
0
etag
W/"63775055-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
8498375743206996500
accept-ranges
bytes
content-length
4394
expires
Sun, 18 Dec 2022 11:05:01 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdXNyL3Bob3RvXzE3XzIwMTgwMTI4MTUxMDQ0LmpwZw==.jpg
s.isanook.com/hm/0/rp/r/w105/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/rp/r/w105/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2htLzAvdXNyL3Bob3RvXzE3XzIwMTgwMTI4MTUxMDQ0LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ff72296150ea01e17cfedef2f248a26d15d6e212e3542c2abc270347cdb9022a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:16:50 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4677947242289786112
accept-ranges
bytes
content-length
4282
expires
Fri, 23 Dec 2022 02:16:50 GMT
base-icon-v1.0.39.woff2
s.isanook.com/sr/0/fonts/icon/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.39.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
beb6d8bf79e492a84adf9823f91f1f9bc10e8186df99385c736894c4e6f7fac2

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 20:03:33 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 22 Nov 2022 10:03:40 GMT
server
Lego Server
age
0
etag
"637c9e7c-9384"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6968126237269276988
accept-ranges
bytes
content-length
37764
expires
Thu, 22 Dec 2022 20:03:33 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 05:26:03 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2022 09:28:43 GMT
server
Lego Server
age
32741
etag
"6377504b-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
10882674472075588242
accept-ranges
bytes
content-length
31376
expires
Tue, 20 Dec 2022 05:26:03 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 15:29:02 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:01 GMT
server
Lego Server
age
341406
etag
"637378ed-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14657187988216377968
accept-ranges
bytes
content-length
51420
expires
Sat, 17 Dec 2022 15:29:02 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 11:56:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:01 GMT
server
Lego Server
age
0
etag
W/"637378ed-cf40"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
15348843278684560039
accept-ranges
bytes
content-length
53090
expires
Thu, 15 Dec 2022 11:56:31 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:07:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:01 GMT
server
Lego Server
age
18974
etag
W/"637378ed-c930"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12949152776940710653
accept-ranges
bytes
content-length
51542
expires
Sat, 17 Dec 2022 17:07:34 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 06:31:00 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:43 GMT
server
Lego Server
age
0
etag
W/"6377504b-7df4"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
16697141552202541440
accept-ranges
bytes
content-length
32272
expires
Wed, 21 Dec 2022 06:31:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea553d138feb2fd371386abcc68318ef46cc0f04db4dbbc6b5daf05cd3ca021d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:16 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 03:52:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=165716
accept-ranges
bytes
content-length
234685
expires
Sat, 26 Nov 2022 03:46:12 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:58:16 GMT
content-encoding
gzip
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
71291
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
5WumGxx-tHzxDKrYqlt5EI65G5lrPg-ImUO4lSukSzRQrg8IpiGNwQ==
1721.7952867d49936148606e.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1721.7952867d49936148606e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
53ae2e57651ab2a877cbdeaa9177e247613676965241bf997ef2a00618f13636

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 10:12:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:38 GMT
server
Lego Server
age
0
etag
W/"63775046-189e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14084928854963569275
accept-ranges
bytes
content-length
2141
expires
Mon, 19 Dec 2022 10:12:39 GMT
2481.dcf19fe8839f8737d536.js
s.isanook.com/sr/0/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2481.dcf19fe8839f8737d536.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:53:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3810
server
Lego Server
age
0
etag
W/"637378e9-ee2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7691444151491922420
accept-ranges
bytes
content-length
1425
expires
Fri, 16 Dec 2022 07:53:27 GMT
9367.ef60adf9c7ce3fc46320.js
s.isanook.com/sr/0/_next/static/chunks/ 		97 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9367.ef60adf9c7ce3fc46320.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3afa96e2dae5339871a96f936a88668f9d561b3c0990a22c04cbea60370e3201

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 13:16:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
98993
server
Lego Server
age
1243781
etag
W/"63609297-182b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17435472872907509858
accept-ranges
bytes
content-length
18618
expires
Thu, 01 Dec 2022 03:41:09 GMT
2437.9e6c8584339c5949c677.js
s.isanook.com/sr/0/_next/static/chunks/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2437.9e6c8584339c5949c677.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 17:52:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
1414
server
Lego Server
age
11742
etag
W/"637378e9-586"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7921928470145466329
accept-ranges
bytes
content-length
791
expires
Fri, 16 Dec 2022 17:52:39 GMT
3570.5f970a291cdd267ec08f.js
s.isanook.com/sr/0/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3570.5f970a291cdd267ec08f.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
57c7b404ca9d387f220d04139938336cc7f030ab8686904d294723a95255fb5f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 02:29:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:38 GMT
server
Lego Server
age
0
etag
W/"63775046-83d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6155988738386276277
accept-ranges
bytes
content-length
979
expires
Wed, 21 Dec 2022 02:29:12 GMT
1922.fc88f19d61e1c87fcad4.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1922.fc88f19d61e1c87fcad4.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-94d9c331fffc20932aef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b062d4a52d40ebd9597323242db21ecbbea36a5240d605fb4b2e303e5c927180

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 23:16:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11251
server
Lego Server
age
104055
etag
W/"637378e9-2bf3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10300924282990658035
accept-ranges
bytes
content-length
1788
expires
Fri, 16 Dec 2022 13:20:59 GMT
set
appx.sanook.com/counter/ 		45 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appx.sanook.com/counter/set?site_name=home&entry_id=25321&t=1669268654857&callback=jsonp_1669268654570_29361
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.128.145 Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
145.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
45b8b11162e358b831e2ff38bf07599644b58043df4b4c1f36aa96729cdbe0f1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:17 GMT
Cache-Control
s-maxage=10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
responsive-voice-1.0.3.min.js
s.isanook.com/sr/0/js/voice/ 		90 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 17:42:09 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
92456
server
Lego Server
age
254405
etag
W/"636b8642-16928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5601051072957176884
accept-ranges
bytes
content-length
22234
expires
Tue, 13 Dec 2022 19:01:03 GMT
/
graph.facebook.com/ 		202 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3410-6c875fd3966a0ae895d7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.17 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-xsp1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Thu, 24 Nov 2022 05:44:15 GMT
x-fb-rev
1006637098
alt-svc
h3=":443"; ma=86400
content-length
150
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
FGihTc/iQemNRNTrm9aRjYPyr9o/3yfz3G7QEO0uJastHONuisDCfrv6bB+zIB2FYupjWFTMnblWcaPp2htoRw==
x-fb-trace-id
AHw/s+2W2l0
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AQVN5MhwGoUKs1WrmIxsLla
cache-control
no-store
facebook-api-version
v9.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
f17ea372ef0441be0906be0f0b9c4ebade3bb167443abcbaf4bb1823bf19703d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 05:44:16 GMT
content-md5
tm02ayrv4lx499W+VZXZvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
fEEc2PlPpBWA8kJzFaLqVIxx6tm5PViYj2xsZX+SGRauyXHa6m/ZtVJbQ5qfOLZetqzpAct8Vom9P4DbOqZqIw==
x-fb-trip-id
1679558926
x-fb-content-md5
168971b191dd628e114be5b30cf11124
cross-origin-opener-policy
same-origin-allow-popups
etag
"8a3b77632aacb7b3ed88508ba8a62300"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 05:47:56 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame CCB6 		236 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
192
content-type
text/html
date
Thu, 24 Nov 2022 05:40:59 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Hit From Inner Cluster
x-nws-log-uuid
17990668535132252380
x-page-speed
1.13.35.2-0
abbreviationv2.min.json
s.isanook.com/sr/0/textToSpeech/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=24112022
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 15:28:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 22 Nov 2022 10:04:11 GMT
server
Lego Server
age
0
etag
"637c9e9b-38e8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15060209904743362304
accept-ranges
bytes
content-length
2550
expires
Thu, 22 Dec 2022 15:28:29 GMT
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:20:44 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"6376ec85-428b"
content-type
image/png
x-nws-log-uuid
11052325781461232463
accept-ranges
bytes
content-length
17035
expires
Fri, 18 Nov 2022 03:25:44 GMT
sanook_trend
sloth-api.sanook.com/api/ 		23 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=home&t=463685
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.46 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-46.static.asianet.co.th
Software
nginx / Express
Resource Hash
348b1bd70e7d51afaa06fa3fa15fc8c4c61842c1563ae4e8d3b6c44ca53b5354

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time
2.497ms
Date
Thu, 24 Nov 2022 05:44:15 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"17-hfTPuDfDA7HGvdGm1PX7v5CHNF4"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
23
Expires
Sat, 24 Dec 2022 05:44:15 GMT
widget-sanookcom-home.js
code.th.giraff.io/data/ 		196 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-sanookcom-home.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c831bcf8b9a155164e37dc892ffd80dd517c3cf788eeaf007a43009c2347fe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:17 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Oct 2022 18:50:16 GMT
server
cloudflare
etag
W/"63470c68-311ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
76efd4efdd9bab01-SYD
expires
Thu, 24 Nov 2022 05:45:16 GMT
syncframe
gum.criteo.com/ Frame 158B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:15 GMT
server
Kestrel
server-processing-duration-in-ticks
472206
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame CCB6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
18155330962024813992
accept-ranges
bytes
content-length
2483
goggen.php
lvs2.truehits.in.th/ 		91 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=OC06PC8VV03DsMc10kKfXQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=6EC2A651.1&fp=d&fv=-&truehitspage=sanook.home.entry&truehitsurl=https%3a//www.sanook.com/home/25321/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.216 Nonthaburi, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-216.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:16 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
json
gum.criteo.com/sid/ Frame 158B 		439 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
203cd9863a5fa20e8871c5ae97b1752c0025984a980f2f3957ae00b258e87bc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1412512
expires
0
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=474022095&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&dp=%2Fhome%2F25321%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=2011867013.1669268656&tid=SA-8147095-6&cd4=0&cd8=b&z=175772587
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:16 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
optimize.js
www.googleoptimize.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Google Tag Manager /
Resource Hash
78e4078db031930768b60fba5c4b789a32356dbdf7a26c8bf11cdec73441d040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44237
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Nov 2022 05:44:17 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1669268655731&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&bttype=purchase&auid=260535345.1669268656&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e4dacb6915e2162721159f0956cb2ad217d1b669ead947e93e3dae99102d108b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1669268655741&cv=11&fst=1669268655741&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&auid=260535345.1669268656&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ed55328b88771cd195e70946ce7a63317abf0d171de1bb2574c54f4dccebcd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
936
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1489944661112333
connect.facebook.net/signals/config/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
bc204af512175431ab95e1cedd21443df3ca379cc1eb41da8f316c1f82b7d058
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Nov 2022 05:44:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86527
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
R1Frqpsd5qr/MacjPzvL+1GxDYBBNoaGsuTO5gEAWl5e6sLnfelF3MQPW04Q5qNSkDMAzYCip9+lqGJC0woKTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.84.172.224 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-172-224.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 24 Nov 2022 05:44:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=357162
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Mon, 28 Nov 2022 08:56:59 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame F841 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.216.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
age
1875690
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
76efd4ee6b5c5503-SYD
content-encoding
br
content-type
text/html
date
Thu, 24 Nov 2022 05:44:16 GMT
expires
Sun, 25 Dec 2022 05:44:16 GMT
last-modified
Tue, 05 Apr 2022 12:00:20 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
tnhome172.jpg
s.isanook.com/hm/0/ud/7/35005/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/ud/7/35005/tnhome172.jpg?ip/crop/w140h85/q80/webp
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ec3e73994240f1fa56aacecf547b95c027f99ca35407cd679e0aa609eb5120be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 10:44:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
content-type
image/webp
x-nws-log-uuid
448255504614863684
accept-ranges
bytes
content-length
1612
nontsea.jpg
s.isanook.com/ns/0/ud/1727/8638838/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/ud/1727/8638838/nontsea.jpg?ip/crop/w140h85/q80/webp
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b8d469046c33ff85af2edfe4225d0e3b241c3ca53bb568f2e06237167c2cf0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Miss, Hit From Inner Cluster
server
Lego Server
age
0
content-type
image/webp
x-nws-log-uuid
12006785211334259999
accept-ranges
bytes
content-length
3524
tnhome232.jpg
s.isanook.com/hm/0/ud/7/35497/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/hm/0/ud/7/35497/tnhome232.jpg?ip/crop/w140h85/q80/webp
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8ba8171380d43be26900bdcae86dc40db782f43072fba0455adfcee3a1ee517d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:19:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
content-type
image/webp
x-nws-log-uuid
13767945446417914193
accept-ranges
bytes
content-length
3426
logo-sanook-app02.svg
s.isanook.com/sr/0/images/icon/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/logo-sanook-app02.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 10:53:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:08 GMT
server
Lego Server
age
0
etag
W/"637378f4-183b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6020182195219457697
accept-ranges
bytes
content-length
2091
expires
Fri, 16 Dec 2022 10:53:29 GMT
ico-ios.svg
s.isanook.com/sr/0/images/icon/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-ios.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:37:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 15 Nov 2022 11:33:08 GMT
server
Lego Server
age
428127
etag
W/"637378f4-b27"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1348310706471492142
accept-ranges
bytes
content-length
982
expires
Sat, 17 Dec 2022 18:37:44 GMT
ico-android.svg
s.isanook.com/sr/0/images/icon/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-android.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 15:18:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2022 09:28:49 GMT
server
Lego Server
age
9644
etag
W/"63775051-12a2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
3245721712568030660
accept-ranges
bytes
content-length
1400
expires
Tue, 20 Dec 2022 15:18:49 GMT
speech.gif
s.isanook.com/sr/0/images/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/speech.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:38:49 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 21 Nov 2022 11:44:47 GMT
server
Lego Server
age
0
etag
"637b64af-60d"
content-type
image/gif
cache-control
s-maxage=10
x-nws-log-uuid
8162679486327902598
accept-ranges
bytes
content-length
1549
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%8...
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:18 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
oMsuuSufl10vhiJZbjkSsIFlyIYuINbXCBayVKQtg7Yr9Tc8h082VA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1669268656514&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
date
Thu, 24 Nov 2022 05:44:17 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
8Wu8nZR3KExKrC5qgEUwQEqjTMmeX6KbajA2ObLi1FSTyrMdzMYXdA==
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c6cbad2e1e2835831353808bd3b915a1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
abdcbd0e60f62a50b0d3271f92f39525074c9fca5339df5692b764322a2dd2ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 05:44:18 GMT
content-md5
DxhCOX+GLS0S8TbxiGHvhw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86898
x-fb-rlafr
0
x-fb-debug
m2Eoy/rfmsmR3x4/ue270zCNO+hki8H+X1ufoAJVZc4N39wNBBG8OGdUd3le4X626uyAvhPJQWz8XAXf9PK+GQ==
x-fb-content-md5
a8a65dd42c2060da53f8b409a4adda7c
cross-origin-opener-policy
same-origin-allow-popups
etag
"f9cbe3e9b1712eb5e9760e85028a46de"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 04:46:00 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:17 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Sat, 24 Dec 2022 05:44:17 GMT
advert.gif
code.th.giraff.io/data/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:17 GMT
cf-cache-status
HIT
age
53
cf-polished
status=not_needed
content-length
43
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Aug 2022 17:16:01 GMT
server
cloudflare
etag
"62fa7f51-2b"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
76efd4f72898ab01-SYD
expires
Thu, 24 Nov 2022 05:44:23 GMT
/
www.google.co.nz/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXzt...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadse...
  • https://www.google.co.nz/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googlead...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=260535345.1669268656&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tiM213WVEzcm14eEtLWXhZeUZBUklsQVB4VTFaUUFzbFMyZWU5QUN5akp3X3hYOEVaaVNvMk9IV2p2Sl85MjMxWjN2Y3R2dHcaWENoRUlnS2IzbXdZUWpJN2xfOHpHX1BUVkFSSXRBSlNlMERlUUZHRkRXTDZVbWlBWVdrU2VWckpnc1FzcnAwWklGY0QtWDh5alpGNThzU2RnSUUzZmVWSW8&is_vtc=1&ocp_id=sQR_Y6SfDvvC4t4PrN6-wA4&cid=CAQSKQDq26N9DFohFlfv7bByq8C1_sWuASEAzRfKLL40VZexIa0TmYviefmLIBM&eitems=ChAIgKb3mwYQi8OzmN7A5bY-Eh0A7JgbwixuFi2S3KJb5Lk_-7bRntzKP_wPz5cgcQ&random=4286054044&ipr=y&prhg=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.nz/pagead/1p-conversion/1007499765/?random=1379928338&cv=11&fst=1669268655731&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=260535345.1669268656&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tiM213WVEzcm14eEtLWXhZeUZBUklsQVB4VTFaUUFzbFMyZWU5QUN5akp3X3hYOEVaaVNvMk9IV2p2Sl85MjMxWjN2Y3R2dHcaWENoRUlnS2IzbXdZUWpJN2xfOHpHX1BUVkFSSXRBSlNlMERlUUZHRkRXTDZVbWlBWVdrU2VWckpnc1FzcnAwWklGY0QtWDh5alpGNThzU2RnSUUzZmVWSW8&is_vtc=1&ocp_id=sQR_Y6SfDvvC4t4PrN6-wA4&cid=CAQSKQDq26N9DFohFlfv7bByq8C1_sWuASEAzRfKLL40VZexIa0TmYviefmLIBM&eitems=ChAIgKb3mwYQi8OzmN7A5bY-Eh0A7JgbwixuFi2S3KJb5Lk_-7bRntzKP_wPz5cgcQ&random=4286054044&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1401 / 732 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Nov 2022 05:44:18 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.84.172.224 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-172-224.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 24 Nov 2022 05:44:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2017071
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Sat, 17 Dec 2022 14:02:09 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.84.172.224 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-172-224.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 24 Nov 2022 05:44:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1150185
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2870
Expires
Wed, 07 Dec 2022 13:14:03 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1669268655741&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=1218789491&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/408516141/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-user-list/408516141/?random=1669268655741&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=1218789491&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 03:53:02 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6677
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 24 Nov 2022 05:53:02 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1f2ab1dff23a9bdf27eb5500fcac9245201cd1021d01b623894ec3c6012077f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75667
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Nov 2022 05:44:19 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&rl=&if=false&ts=1669268657714&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669268657713.2108965881&it=1669268655804&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Nov 2022 05:44:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
graph.sanook.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22home%22%2C%22entryId%22%3A%2225321%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
1fe5a6871f4b3be10203452ab3d84986719e3e0908b6dec7320a11b2e5c99cf0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
XPURGE
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 24 Nov 2022 05:44:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
Transfer-Encoding
chunked
X-Cache
BYPASS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Vary
Accept-Encoding, Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22home%22%2C%22entryId%22%3A%2225321%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,xpurge
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Thu, 24 Nov 2022 05:44:18 GMT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
X-Cache
BYPASS
sanookcom-home.js
data.th.giraff.io/track/ 		78 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/track/sanookcom-home.js?r=&u=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&rand=0.12202428394688836&v=202210121845&vis=1&callback=cbGeo926761575&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.58.178.57 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
7f92983638b4a71c8c67844f3af4d823315e90d34ca35768518480885f8fa164

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Thu, 24 Nov 2022 05:44:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
/
graph.facebook.com/ 		231 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&callback=_grf_9626038996412485
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.217.17 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-xsp1.facebook.com
Software
/
Resource Hash
31c63b0033df6ca33ccf1d4ede2f8f18caf06653947376fa6a07df3ac9500e1c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Thu, 24 Nov 2022 05:44:20 GMT
x-fb-rev
1006637098
alt-svc
h3=":443"; ma=86400
content-length
175
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
UTC428vAlltUOQEFiuFxIIrDBoPlBhP8a7RxKhB6ymdw6ohv5M+FdSVrdyk3ssEWRLnca7tJWy4x7QHfryYl0g==
x-fb-trace-id
Gh2LyMdMlhd
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ACIUiI2Rd2HPTA54iSsVekr
cache-control
no-store
facebook-api-version
v9.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/ 		21 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.112728
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:20 GMT
content-encoding
gzip
x-frontend
front609305
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.112728
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
dk
connect.ok.ru/ 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-encoding
br
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks
WidgetExtLike
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ Frame 9318 		0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.sanook.com
Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.sanook.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:19 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-b1a8206d5a68393595d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 01:55:09 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 06:11:51 GMT
server
Lego Server
age
0
etag
W/"52394427-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16985119137997438441
accept-ranges
bytes
content-length
33479
expires
Sun, 18 Dec 2022 01:55:09 GMT
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
eb0d6fee256743adb2eb80be9455dfde6d4ac7d18509904a5cf2015dadb670e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Nov 2022 05:44:20 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
6efc3688c28ee7b57861ec7a9d4bf85de6af635d47ffae54a8a1369ca300843e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:19 GMT
like.php
www.facebook.com/v2.9/plugins/ Frame 319C 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31bd0fd06e8d6%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a9b39d5246f38%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhome%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6cbad2e1e2835831353808bd3b915a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-xsp1.facebook.com
Software
/
Resource Hash
e17a12f3211df9c07f38064a5806d3567805e58f9c259a5bb3007d3046a9928c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 24 Nov 2022 05:44:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
RkY7xrApcc+6o+jKm2LakehZP2q18S65m6pTv65S4Tz27af9hzKDE8QBjlKS+QPng0QPz8/n12I8WzcOgoJUwQ==
x-fb-rlafr
0
x-xss-protection
0
getimage.php
getimage-member.sanook.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getimage-member.sanook.com/getimage.php?avatartype=2&gender=1&imgurl=http://member.sanook.com/sanookmemberimage/58be6813-b1bc-4158-84a5-bd57807a071e.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.166 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-166.static.asianet.co.th
Software
/
Resource Hash
8ec2411a1dcd8916beb0d3cd70561f558f77738ca712b610e1c229b10f9931ae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:20 GMT
Connection
keep-alive
Age
0
Accept-Ranges
bytes
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
collect
analytics.google.com/g/ 		0
337 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=2oeb90&_p=672208246&_gaz=1&cid=521977081.1669268660&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&sid=1669268659&sct=1&seg=0&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_editor=Suwimol%20Lucksaniyanont&ep.content_source=S!%20Home%20(Rewrite)&ep.content_category=tips&ep.user_session_id=1669268657662.xt3iu37m&ep.content_tag_primary=covid-19&ep.content_tag_secondary=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&ep.content_unique_id=25321&ep.content_editorial_type=editorial&ep.content_publication_date=2020-05-06&ep.content_publication_time=11%3A36&ep.content_partner=S!%20Home%20(Rewrite)&ep.content_number_of_characters=2479&ep.content_channel=home&ep.content_page_format=readpage&ep.content_tags=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&ep.content_type=article&ep.adblock_tracker=false&ep.article_read=1&upn.user_login=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=521977081.1669268660&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=521977081.1669268660&gtm=2oeb90&aip=1&z=920478211
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=672208246&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAEK~&jid=1948505704&gjid=1382554272&cid=521977081.1669268660&tid=UA-8147095-6&_gid=1992378713.1669268660&_r=1&gtm=2wgb90PNXLXRS&cd1=Suwimol%20Lucksaniyanont&cd2=S!%20Home%20(Rewrite)&cd3=tips&cd4=0&cd12=1669268657664.zcgzb5ik&cd13=covid-19&cd14=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&cd15=25321&cd16=editorial&cd17=2020-05-06&cd18=11%3A36&cd19=S!%20Home%20(Rewrite)&cd21=2479&cd22=home&cd23=readpage&cd33=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&cd34=article&cd35=S!%20Home%20(Rewrite)&cd36=tips&cd43=0&cm5=1&z=1049555251
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 319C 		299 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31bd0fd06e8d6%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a9b39d5246f38%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhome%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:20 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
a33n8bj2w1LNnJ44KNJiKHY7A8Zl8Qz986wNPWtUey/pNR9Jt4Y4u0crrtcLP9w2Q2pH8vRhmci6sr9OWazQQg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 13 Nov 2023 22:48:39 GMT
NXl17KkqDoN.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame 319C 		541 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/NXl17KkqDoN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31bd0fd06e8d6%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a9b39d5246f38%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhome%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-xsp1.fbcdn.net
Software
/
Resource Hash
54f28896954199de4b7f4d570a152f04844bfa027034442d9a99c26937c3924b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6JEiZxe8IU/5PKi8i9rwNA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143965
x-fb-rlafr
0
x-fb-debug
uIaAC2kIVsIzxTx+EP5N++FESvntNPP/X6L8akCPVyOnTsc4r0stOpcRkiRAyLxle84XK/pguXgKLayZsdcB7w==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 13 Nov 2023 00:27:18 GMT
list
a.th.giraff.io/rtb/match/ 		55 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/rtb/match/list
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
257036.js
a.th.giraff.io/data/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/257036.js?json=1&async=1&cs=utf-8&rand=0.7742080181590916&num=9&as=&nodupes=1&callback=callback29054997967495755
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
080a24e8a5e804a8a87928cdd916cc8a716824759b6244499dc8c6c09b7d2445

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
collect
stats.g.doubleclick.net/j/ 		7 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-8147095-6&cid=521977081.1669268660&jid=1948505704&gjid=1382554272&_gid=1992378713.1669268660&_u=YADAAEAAQAAAACAEK~&z=495057783
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Nov 2022 05:44:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
avd.innity.com/dc/ 		43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=4d0689ebebc4ce56596ccf5d7ad4691b&cb=1669268660692&douid=&sess=13990706.225.1669268660692&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&srf=&pk=&pt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:24 GMT
Last-Modified
Thu, 24 Nov 2022 05:44:24 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=4d0689ebebc4ce56596ccf5d7ad4691b&type=cookie&itmcb=1669268660693
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:21 GMT
Last-Modified
Thu, 24 Nov 2022 05:44:21 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
sync
code.yengo.com/
Redirect Chain
  • https://s.uuidksinc.net/match/480/?remote_uid=367985734
  • https://code.yengo.com/sync?dsp=kadam&id=BoYlq4lWAIsO2dd7knb2
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.yengo.com/sync?dsp=kadam&id=BoYlq4lWAIsO2dd7knb2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 24 Nov 2022 05:44:25 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://code.yengo.com/sync?dsp=kadam&id=BoYlq4lWAIsO2dd7knb2
date
Thu, 24 Nov 2022 05:44:24 GMT
server
nginx/1.19.0
content-length
0
cdb
bidder.criteo.com/ 		175 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=23676135191
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6990cfad4e4132146ad6698cf9d4baaac8ee207b92a603d47be091f77a882bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
165
cdb
bidder.criteo.com/ 		176 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=70261596695
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
dc2ba1ee2b3ad0d45daa0260a95704b9154216e7f41e835afd8570fed2614fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
166
cdb
bidder.criteo.com/ 		171 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=47716656291
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
dde449ad98d9cb902a2cebc6fa388800968da80fb823743edccb3aae0a144008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
165
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		169 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=44999468806
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
880b0eaf4249b9e136ff923665d40fdb50e83e0c2ba219dcd911909c4d84bf3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Nov 2022 05:44:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a25fdbee0126&cmd=bid&secure=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a4bf1553e65e0b64856339698b2521d5fc3efacd32246077ffe355fc2bbd7715

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
content-length
62
213794966
fundingchoicesmessages.google.com/i/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
ddf10c8a7194c3db6494c341aba045de24ce3e0ef5a51ab88e92a7d66984172e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5H9wfY07xPCelZEyErXCSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-5H9wfY07xPCelZEyErXCSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8147095-6&cid=521977081.1669268660&jid=1948505704&_u=YADAAEAAQAAAACAEK~&z=923403505
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8147095-6&cid=521977081.1669268660&jid=1948505704&_u=YADAAEAAQAAAACAEK~&z=923403505
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
257045.js
a.th.giraff.io/data/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/257045.js?json=1&async=1&cs=utf-8&rand=0.9864729320579624&num=2&as=653786%3A2841952%3A2841950%3A2841956%3A653805%3A2841953%3A2841954%3A2841955%3A2841949&nodupes=1&callback=callback6932428286367016
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
0099a79fd14c9c7f6306c7c0767279f4b53b37eb13d0d6d2a77d51d150d2d960

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
598450.jpg
cdn.th.giraff.io/cdn/images/300x200/50/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/50/598450.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6ef10f6238d90fe58fb1a1c351da8eae76a7137f090615d7df3ce31887deb1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
cf-cache-status
HIT
age
5760
cf-polished
qual=85, origFmt=jpeg, origSize=22979
content-disposition
inline; filename="598450.webp"
content-length
9224
cf-bgj
imgq:85,h2pri
last-modified
Thu, 24 Nov 2022 04:07:04 GMT
server
cloudflare
etag
"637eede8-59c3"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd51dea50a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 24 Dec 2022 04:08:23 GMT
2726938.jpg
cdn.th.giraff.io/cdn/images/300x200/38/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/38/2726938.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977b635e4f21c6cc0272daeb93becafa24da94f3f20747263444219819741301

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
cf-cache-status
HIT
age
176839
cf-polished
qual=85, origFmt=jpeg, origSize=32743
content-disposition
inline; filename="2726938.webp"
content-length
15912
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Nov 2022 04:34:04 GMT
server
cloudflare
etag
"637c513c-7fe7"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd51dea54a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:37:04 GMT
2726936.jpg
cdn.th.giraff.io/cdn/images/300x200/36/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/36/2726936.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f286e834c74c5cd50fe25466a3f2715da037725618fc59f0e63d9e61c9b3103

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
cf-cache-status
HIT
age
172910
cf-polished
qual=85, origFmt=jpeg, origSize=24872
content-disposition
inline; filename="2726936.webp"
content-length
11468
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Nov 2022 10:00:41 GMT
server
cloudflare
etag
"63760649-6128"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd51dea56a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 05:42:33 GMT
2726942.jpg
cdn.th.giraff.io/cdn/images/300x200/42/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/42/2726942.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae2371550aa03e7f7941f8cae206a42431ca591fb78790b75f8e669f8507f1c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
cf-cache-status
HIT
age
177240
cf-polished
qual=85, origFmt=jpeg, origSize=24935
content-disposition
inline; filename="2726942.webp"
content-length
11680
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Nov 2022 10:00:09 GMT
server
cloudflare
etag
"63760629-6167"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd51dea59a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:30:23 GMT
598469.jpg
cdn.th.giraff.io/cdn/images/300x200/69/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/69/598469.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b302b2715068db522ce00a944ac9e8e30153217d0f678c014b6dd7d6a92feed

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cf-cache-status
HIT
age
5761
cf-polished
qual=85, origFmt=jpeg, origSize=18039
content-disposition
inline; filename="598469.webp"
content-length
7508
cf-bgj
imgq:85,h2pri
last-modified
Thu, 24 Nov 2022 04:07:04 GMT
server
cloudflare
etag
"637eede8-4677"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd523bc33a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 24 Dec 2022 04:08:23 GMT
2726939.jpg
cdn.th.giraff.io/cdn/images/300x200/39/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/39/2726939.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf25de203abd48ef83b4a2591c1648b0bab022fb93a131e7fc0255a68b9f555

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cf-cache-status
HIT
age
176840
cf-polished
qual=85, origFmt=jpeg, origSize=25291
content-disposition
inline; filename="2726939.webp"
content-length
12332
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Nov 2022 04:34:05 GMT
server
cloudflare
etag
"637c513d-62cb"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd523cc47a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:37:04 GMT
2726940.jpg
cdn.th.giraff.io/cdn/images/300x200/40/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/40/2726940.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae2371550aa03e7f7941f8cae206a42431ca591fb78790b75f8e669f8507f1c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cf-cache-status
HIT
age
176840
cf-polished
qual=85, origFmt=jpeg, origSize=24935
content-disposition
inline; filename="2726940.webp"
content-length
11680
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Nov 2022 04:34:04 GMT
server
cloudflare
etag
"637c513c-6167"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd523cc4aa813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:37:04 GMT
2726941.jpg
cdn.th.giraff.io/cdn/images/300x200/41/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/41/2726941.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf25de203abd48ef83b4a2591c1648b0bab022fb93a131e7fc0255a68b9f555

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cf-cache-status
HIT
age
177239
cf-polished
qual=85, origFmt=jpeg, origSize=25291
content-disposition
inline; filename="2726941.webp"
content-length
12332
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Nov 2022 10:00:09 GMT
server
cloudflare
etag
"63760629-62cb"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd523cc4ca813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:30:24 GMT
2726935.jpg
cdn.th.giraff.io/cdn/images/300x200/35/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/35/2726935.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977b635e4f21c6cc0272daeb93becafa24da94f3f20747263444219819741301

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
age
109465
cf-polished
qual=85, origFmt=jpeg, origSize=32743
content-disposition
inline; filename="2726935.webp"
content-length
15912
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Nov 2022 04:34:05 GMT
server
cloudflare
etag
"637c513d-7fe7"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd525ef85a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 23:20:00 GMT
logo.svg
code.th.giraff.io/data/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/logo.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 08:20:18 GMT
server
cloudflare
age
33
etag
W/"62fb5342-30d7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
76efd525ed29ab01-SYD
expires
Thu, 24 Nov 2022 05:44:52 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=deea5725-d6d7-4bc9-ada2-c844f1bbf463&nocache=1669268661872&aus=300x250&divids=rgpt-reca-7&aucs=%252F4899711%252Fhome.sanook%252Fdesktop%252Ftips%252Freadpage%252Freca&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b926fc5a4899f8b35b315bfba6adc485e8b39f042de248af74aaa5b5b1036528

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211de7a93a2e2998%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221289472d1f29ccf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Freca%22%2C%22gpid%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Freca%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949ccd2a2c011dab797e079fd241c79bc668e728a8c2f59970deaffe8eb5a436

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z8O76eZ4UHhCvm58YEHDXQHhzTmJJedi0Cdqtwf0old9difHEWbjntP9NHh3ZpFsjXB8gMhPLEJTPzCRZiMWLM1oCCe%2FUlw8GVZ5sjgr6iiFzoMIkx963wsYV2bficA3WFDNzTO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76efd512ab8d1c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a25fdbee0126&cmd=bid&secure=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9559b541e0932088ef9971d190c2abed6f794b2964183b219f996b9105dccd49

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:22 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c384bd8a806ed39f853e719190fbb0931b24191addc2e90c04c6e0afe4aaa6e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
AN-X-Request-Uuid
6a290599-187d-474a-817c-95106a03d4a3
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		313 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&rf=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tg_i.pbadslot=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Freca&tk_flint=pbjs_lite_v6.29.3&x_source.tid=deea5725-d6d7-4bc9-ada2-c844f1bbf463&l_pb_bid_id=189a25a9f80f6cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Freca&slots=1&rand=0.6851620006273758
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d061123736a05ff269fd2b8a800f730af3b7a97abeac5781000c192903bbf7fd

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
313
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1669268661885&ver=2&hb=1&output=js&pub=413&zone=68081&url=https%253A%252F%252Fwww.sanook.com%252Fhome%252F25321%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=200873a6852c8aa&auction=ab1e8661-7ef0-4e4f-9b51-7f8b38c74ae0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
7370f526ceb716db8adcda4da04b867b68190adb6976c1ba6563d9cf4253efc2

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Nov 2022 05:44:22 GMT
Server
Apache
Access-Control-Max-Age
86400
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Length
844
Expires
Sat, 03 Sep 1983 02:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.221.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-221-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 24 Nov 2022 05:44:22 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/ 		232 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
d06e6259246aa5177a050b9abb0c5e921dad8e858168ba6e2d786a261536f35e

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
Server
nginx
Age
0
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
232
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid-request
a.teads.tv/hb/ 		16 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.221.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-221-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 24 Nov 2022 05:44:22 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
346b865be50e9cc743218381994c3acc06e7b6d144a39811f760a904f36687f2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
AN-X-Request-Uuid
87b18e95-3e66-4f2f-b9fd-78574a8f190d
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		232 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136924&v=1.6
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
17e8c8d4fe61b7fec5cd461b3b1e765ff00444daaefe52ffb79a8c6230cd2196

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
Server
nginx
Age
0
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
232
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1669268661919&ver=2&hb=1&output=js&pub=413&zone=68083&url=https%253A%252F%252Fwww.sanook.com%252Fhome%252F25321%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=37c0fcf20bb9bb4&auction=eacd8067-4de6-47b4-9cd2-735e017cc920
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
a783b176ba9b61940c1c7b8707ad1be51a62f3e83e46f97352fd5cf913fc19d7

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Nov 2022 05:44:22 GMT
Server
Apache
Access-Control-Max-Age
86400
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Length
809
Expires
Sat, 03 Sep 1983 02:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575408&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238efacda613ed43%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2239869d6d539aa55%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Fleaderboard%22%2C%22gpid%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Fleaderboard%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc03fff3559bbb3394df6072cffc349bf0d7efcba448b3e63daaa6a0801849dd

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3FHGQuR%2BW5Px7yKtsqoZ0McXQYtDcDuTRwGDfUx9FoifS%2BemKVRCilvQxxhKqdPUwmUpxDmJ%2FsNh%2FZX1%2BWAlcgpw95Jp17sd8QlnSkUYPT2DUg95hWw0aie5u5U9E0feQVT6fco"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76efd512ab8f1c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=2&alt_size_ids=1&rf=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tg_i.pbadslot=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Fleaderboard&tk_flint=pbjs_lite_v6.29.3&x_source.tid=1f19bba2-0ec4-42c7-87fa-7e5e2821357f&l_pb_bid_id=41049a2bb0c8b9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Fleaderboard&slots=1&rand=0.06019843368888389
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5408d99b4819f12579759ffa8c61c2364efaf48c63eff86a5bf7e0eef140faa0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
319
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ 		173 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1f19bba2-0ec4-42c7-87fa-7e5e2821357f&nocache=1669268661922&aus=728x90%2C468x60&divids=rgpt-leaderboard-3&aucs=%252F4899711%252Fhome.sanook%252Fdesktop%252Ftips%252Freadpage%252Fleaderboard&auid=542511416
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
76524e1b1f42f4d5fb1e1bc3d43025d582f2a92a1a5f18df2d6207e6b8ac7be9

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a96958d0183839d5d90a2603e7b010f&cmd=bid&secure=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b75ad8c27a2ecc20985a96643700f81c729e27904a6a09ddeb813782b3bb1a54

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
content-length
62
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F252 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105229
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 10:58:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8302 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105229
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 10:58:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5636 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105229
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 10:58:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
842d8a1bd674d2f6b14e0ce31cbd6a5c08130d0435eb8a2d0b367c725f8541e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:23 GMT
AN-X-Request-Uuid
eed639d9-4fec-49d9-a3fc-ce70680aa468
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e41e1265-9c27-44ac-8c65-3dc1d08eee28&nocache=1669268662178&aus=300x250%2C300x600%2C160x600%2C120x600%2C240x400&divids=rgpt-tower-4&aucs=%252F4899711%252Fhome.sanook%252Fdesktop%252Ftips%252Freadpage%252Ftower&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ca2371f835455e7a9fd0d0c5d4864395aacc3b64b828e98a608ef66294e87a0d

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2255c0456d53a255f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256b2af0d920870a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22240x400%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Ftower%22%2C%22gpid%22%3A%22%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Ftower%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec372a515c260b7931eaeac0215a9ac5ef25aa0ad83047aeb26ce17f5641c2d3

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aI%2BkYsKqu1TJYntGqbv%2B0WppkIuQ1ZCxUzvCMPiOoyO10Sug%2BcMFOhBMioRvP6GCv6%2FNhZ7WjRny5Bk%2Bu6up3i3uEYjayosxve%2BXgLrwlj6OMmEh4XvnX7b3s2TZfaMqzZyzUpMs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76efd5130be51c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hb
rtb-eu.andbeyond.media/ 		232 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
3a4159783a00aeceee8f7829f2c50c7fdf8401c2110710074e789a3fc2ad615c

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:23 GMT
Server
nginx
Age
0
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
232
bid-request
a.teads.tv/hb/ 		16 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.221.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-221-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 24 Nov 2022 05:44:22 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a2608c630129&cmd=bid&secure=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3edb7407fdf0f86e7eb5ad8b29c67861890983c5c051e9f7ad0cefe44fee7710

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
content-length
62
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1669268662182&ver=2&hb=1&output=js&pub=413&zone=64709&url=https%253A%252F%252Fwww.sanook.com%252Fhome%252F25321%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=64eb81db2c4e4fe&auction=e8a4ae8c-14b0-45da-bfd0-b3c8163918ce
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
a86e6dd7602f02e4cbcb0a4192762244e477043a27d302a3d822f11943963cec

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Nov 2022 05:44:22 GMT
Server
Apache
Access-Control-Max-Age
86400
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Length
844
Expires
Sat, 03 Sep 1983 02:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		338 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=9%2C8%2C10%2C17&rf=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tg_i.pbadslot=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Ftower&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e41e1265-9c27-44ac-8c65-3dc1d08eee28&l_pb_bid_id=6647099e3d4e14f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhome.sanook%2Fdesktop%2Ftips%2Freadpage%2Ftower&slots=1&rand=0.20684908841628213
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7bdc45d292bbe8e85ae5a88d1a20af2ec993bd5874b023640b09d78962336b24

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
PugMaster
image6.pubmatic.com/AdServer/ Frame F252 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18824309&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
c56e825f63aac9beb4c0214120319447a7f2ac3e216fb0fcfa10cab222ea732b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ixmatch.html
js-sec.indexww.com/um/ Frame 681A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
145
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76efd518b8551c5a-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
Thu, 24 Nov 2022 09:44:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E7F8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
145
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76efd518b8571c5a-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
Thu, 24 Nov 2022 09:44:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
jp-u.openx.net/w/1.0/ Frame 0E2B 		533 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
31b1e7764fe82e6cf6d1a1c1d94216463a49dca8035e7ebd8960b41513995209

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Thu, 24 Nov 2022 05:44:22 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 9C3E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
145
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76efd518b8591c5a-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
Thu, 24 Nov 2022 09:44:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
jp-u.openx.net/w/1.0/ Frame A83B 		533 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
31b1e7764fe82e6cf6d1a1c1d94216463a49dca8035e7ebd8960b41513995209

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
jp-u.openx.net/w/1.0/ Frame 6DF2 		533 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
31b1e7764fe82e6cf6d1a1c1d94216463a49dca8035e7ebd8960b41513995209

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Thu, 24 Nov 2022 05:44:22 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
match
c1.adform.net/serving/cookie/ Frame ACEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 24 Nov 2022 05:44:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0A87
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2801637f-04b7-4b00-9723-1b83462d1c44&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2801637f-04b7-4b00-9723-1b83462d1c44&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 24 Nov 2022 05:44:23 GMT
Expires
Thu, 24 Nov 2022 05:44:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master hkg-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2801637f-04b7-4b00-9723-1b83462d1c44&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame CA4A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y38EtwAKcMY5lgAO&gdpr=0&gdpr_consent=&_test=Y38EtwAKcMY5lgAO
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y38EtwAKcMY5lgAO&gdpr=0&gdpr_consent=&_test=Y38EtwAKcMY5lgAO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y38EtwAKcMY5lgAO&gdpr=0&gdpr_consent=&_test=Y38EtwAKcMY5lgAO
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11268-MEL
x-timer
S1669268664.738779,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame A451
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxl9uw7cwru
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxl9uw7cwru
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 24 Nov 2022 05:44:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxl9uw7cwru
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 372C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 61F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3198578105936587515&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3198578105936587515&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
de13aac1-fc4d-4553-bf76-81651a662306
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 05:44:23 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3198578105936587515&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame D510
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
Thu, 24 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1347612
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 013C
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=1ldltZOaBUmqvVfVtwR_Yw
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=1ldltZOaBUmqvVfVtwR_Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=1ldltZOaBUmqvVfVtwR_Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0725
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-PIt4apGRqZWV3Beavlod3RaSso
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-PIt4apGRqZWV3Beavlod3RaSso
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 05:44:24 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-PIt4apGRqZWV3Beavlod3RaSso
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 03D4 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 24 Nov 2022 05:44:23 GMT
Pragma
no-cache
Server
nginx
expires
-1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F252
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BoPVYocdTImMeiE0ebyGng%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 05:44:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=105228
accept-ranges
bytes
content-length
5549
expires
Fri, 25 Nov 2022 10:58:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame F252
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0683D562-871D-4C89-8C7A-213479BC869E
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDA2ODNENTYyLTg3MUQtNEM4OS04QzdBLTIxMzQ3OUJDODY5RRAAGg0It4n8mwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a9b47a9a4230836048240704628b027be4d4d0841368ada95111cd5939653f53791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhOWI0N2E5YTQyMzA4MzYwNDgyNDA3MDQ2MjhiMDI3YmU0ZDRkMDg0MTM2OGFkYTk1MTExY2Q1OTM5NjUzZjUzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhOWI0N2E5YTQyMzA4MzYwNDgyNDA3MDQ2MjhiMDI3YmU0ZDRkMDg0MTM2OGFkYTk1MTExY2Q1OTM5NjUzZjUzNzkxNDI2YjU0MTdkY2UyMRAAGgwIuIn8mwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=72c14ec7-0ad2-4840-a507-bcece64ec10f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=72c14ec7-0ad2-4840-a507-bcece64ec10f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=72c14ec7-0ad2-4840-a507-bcece64ec10f
date
Thu, 24 Nov 2022 05:44:26 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5519637f-04b7-4500-9b6a-7f6f3b1588d5
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5519637f-04b7-4500-9b6a-7f6f3b1588d5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 24 Nov 2022 05:44:23 GMT
Server
MT3 169 32252b7 master hkg-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5519637f-04b7-4500-9b6a-7f6f3b1588d5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 24 Nov 2022 05:44:22 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDY4M0Q1NjItODcxRC00Qzg5LThDN0EtMjEzNDc5QkM4NjlF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcJ9n9zmVq5NGuIOI3d48U&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcJ9n9zmVq5NGuIOI3d48U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcJ9n9zmVq5NGuIOI3d48U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 24 Nov 2022 05:44:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 23 Nov 2022 05:44:23 GMT
0683D562-871D-4C89-8C7A-213479BC869E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F252 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0683D562-871D-4C89-8C7A-213479BC869E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0683D562-871D-4C89-8C7A-213479BC869E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nEJbCnBE2uVspRgP3Qwc5eoebZnmiU4-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nEJbCnBE2uVspRgP3Qwc5eoebZnmiU4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nEJbCnBE2uVspRgP3Qwc5eoebZnmiU4-~A&gdpr=0&gdpr_consent=
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3744983394933995990
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3744983394933995990
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3744983394933995990
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b5488070-4332-48dd-8be1-941799492168&user_group=1&ssp=pubmatic&bsw_param=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 24 Nov 2022 05:44:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7007434875126765404&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7007434875126765404&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7007434875126765404&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7020947fb7771b23&is_secure=true&networkId=17100&version=1&nuid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApWdimy0AMnWzKsAAAAAAA&expiration=1669355065&nuid=0683D562-871D-4C89-8C7A-213479BC869E&...
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApWdimy0AMnWzKsAAAAAAA&expiration=1669355065&nuid=0683D562-871D-4C89-8C7A-213479BC869E&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApWdimy0AMnWzKsAAAAAAA&expiration=1669355065&nuid=0683D562-871D-4C89-8C7A-213479BC869E&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3198578105936587515
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3198578105936587515
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
AN-X-Request-Uuid
c9a87811-2618-4f69-adbe-4761cbe00197
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3198578105936587515
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0E2B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=6935377281088837468&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6935377281088837468&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6935377281088837468&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 0E2B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 0E2B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5s8AAOCPjFYAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5s8AAOCPjFYAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
57
Date
Thu, 24 Nov 2022 05:44:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":57,"gdpr":false,"ipv4":"116.90.74.202","key":"Y38Et8Co5s8AAOCPjFYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40223"}
X-SO-Key
Y38Et8Co5s8AAOCPjFYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40223
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5s8AAOCPjFYAAAAA
Cache-Control
private
X-SO-HostName
a-ad40223.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame 0E2B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeRIJ568i_zks8ADxz9kNnA9s8AAAGEqCpvEQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeRIJ568i_zks8ADxz9kNnA9s8AAAGEqCpvEQ
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeRIJ568i_zks8ADxz9kNnA9s8AAAGEqCpvEQ
cache-control
no-cache
content-length
0
x-amz-cf-id
PsweL3tuWd6OsHk-PhW3AmXvPquXR07uiO_d0KGKDtvQ1v0D8GbVvA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0E2B 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY0ZWQ1ZTAtOWQ0ZC02ZWU5LTc2YmItOWI5ZjY1NTUzMWFl
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0E2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6DF2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7079492469164693340&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7079492469164693340&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7079492469164693340&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 6DF2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6DF2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5ucAABU37MUAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5ucAABU37MUAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 24 Nov 2022 05:44:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y38Et8Co5ucAABU37MUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad384"}
X-SO-Key
Y38Et8Co5ucAABU37MUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad384
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5ucAABU37MUAAAAA
Cache-Control
private
X-SO-HostName
m-ad384.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40016.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame 6DF2
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQdnDrMQSnmHks8ADxz9kNnA888AAAGEqCpvDg
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQdnDrMQSnmHks8ADxz9kNnA888AAAGEqCpvDg
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQdnDrMQSnmHks8ADxz9kNnA888AAAGEqCpvDg
cache-control
no-cache
content-length
0
x-amz-cf-id
bN10-5003rvGim6i7emnX7lR642nFEWbIMYXGGR2yK74qN1qd4kHfA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6DF2 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY0ZWQ1ZTAtOWQ0ZC02ZWU5LTc2YmItOWI5ZjY1NTUzMWFl
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6DF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A83B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3762872818583033692&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3762872818583033692&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3762872818583033692&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A83B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=5a21062a-543a-304d-635b-c126afb7ffce&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A83B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5swAAJZcfXQAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5swAAJZcfXQAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
28
Date
Thu, 24 Nov 2022 05:44:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":28,"gdpr":false,"ipv4":"116.90.74.202","key":"Y38Et8Co5swAAJZcfXQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40048"}
X-SO-Key
Y38Et8Co5swAAJZcfXQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40048
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y38Et8Co5swAAJZcfXQAAAAA
Cache-Control
private
X-SO-HostName
a-ad40048.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame A83B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcSwvrtGQpBtks8ADxz9kNnA9M8AAAGEqCpvDw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcSwvrtGQpBtks8ADxz9kNnA9M8AAAGEqCpvDw
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcSwvrtGQpBtks8ADxz9kNnA9M8AAAGEqCpvDw
cache-control
no-cache
content-length
0
x-amz-cf-id
pkUd9poh47azF7WEohnWoVV3arxWry2GfBTtBTXsDTwJoKsq72iGjw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A83B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY0ZWQ1ZTAtOWQ0ZC02ZWU5LTc2YmItOWI5ZjY1NTUzMWFl
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A83B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoHq7otzveAq_EKtWbequ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0E0A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3136
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 24 Nov 2022 05:44:23 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 4695
X-Served-By
cache-lga13626-LGA, cache-mel11223-MEL
X-Timer
S1669268664.531166,VS0,VE0
user-sync
sync.adkernel.com/ Frame 9793 		667 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=136922&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136922%26uid%3D%7BUID%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN393710 (WEBAIR-INTERNET-SINGAPORE, US),
Reverse DNS
Software
nginx /
Resource Hash
3ddd01b8d94bd6bbf8c28aed4085e148dd8ced6efafd10200290be4094387ef0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
667
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 05:44:24 GMT
Pragma
no-cache
Server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1B7F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3136
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 24 Nov 2022 05:44:23 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 4590
X-Served-By
cache-lga13626-LGA, cache-mel11230-MEL
X-Timer
S1669268664.531385,VS0,VE0
user-sync
sync.adkernel.com/ Frame B06A 		509 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=136924&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136924%26uid%3D%7BUID%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN393710 (WEBAIR-INTERNET-SINGAPORE, US),
Reverse DNS
Software
nginx /
Resource Hash
ee1f10c640da0cbfc1e53539a4b99d3dcfba1c60ee29adcf3bbf5edf665395b2

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
509
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 05:44:24 GMT
Pragma
no-cache
Server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6947c2fe1514ddbd1533c2de0e02e8e617133d845d10426893909dc7255e8838

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51dfa91a88e-SYD
content-encoding
br
content-type
text/html
date
Thu, 24 Nov 2022 05:44:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2W8i4OgoobzKyFTRf3rSjpmmJ7HBa13xz%2FeNHoqKsv1beZZF4tdikfi4RhDx8NOClg50PIevo6HIA9KedYk9%2FGolvACRcFyMB0k6dIrOT5v0jE68DpbY1gvBMJvJktIkUae79WYjJoEcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51b8fb95503-SYD
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnRYCwEkTlwTToj%2BF7uw7RnAj59oKfUxPopMi5CG8haZJL6YUp3a6UqUoKzNFSgwqtdAnqfwVqhIuuCGQ6tKXt%2FEhFqFfZh8N8ugyWaWeJdeJslptniA8MUKTSk1vgfnC3hUQB71pMauUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba36f52c2f81ac88edd9a126c91c8028eeccf0a34fa695a55e9080d4ff8f7e50

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51dfa8ea88e-SYD
content-encoding
br
content-type
text/html
date
Thu, 24 Nov 2022 05:44:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlUx7FmrgIjDWn2kWdaPZmP31zIjNr1l%2FZmmlqb3r%2F%2BMSNnTwTAYZDvt0M3vt8wkrmLlkp12oQ8avywpxWd9%2BL67yubA2TCRUyV8wJ0fj5g5a3CQCQFMgNgSQg3OgI0x56j2A%2B80yOR84A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51b8fba5503-SYD
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxB2mAHT2vIIbyul3grANIFvcmswWtLS6qD8q%2BQ98tWGSoPddWgE8FUch04legYMuyIXkuOt%2B1e3AprXpiGXYqJLNhFhMV54TqhL8qQP0PPp%2Fyydz4P%2B2sgey3jFyAgHHQFfP%2BLtfEdnOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff7afafbc9cdd6af376ff7cfd3010750fae4fd9a9114d9b8e6e055cfc35a866

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51dfa93a88e-SYD
content-encoding
br
content-type
text/html
date
Thu, 24 Nov 2022 05:44:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6O2%2B%2BwSf44wcpM7fnVTTuVismVbwfYXisgPUrgPZQfge3sSlHoBcPESb8S2xP5VS%2FmNP5EKt5tLjDpa5vZkamBe%2FeQuVrHOzNSXHBC99KBE%2BgkwnIlro3y2LK3vwU%2FxDwVobNatqzPSzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76efd51b8fbb5503-SYD
content-length
0
date
Thu, 24 Nov 2022 05:44:23 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp16z%2FA49km9WQ61EmrWywn9DrR4zj3j5D2mHLyD5Daa4GEHgVZjBRMr3g1wVjQ%2Fl%2Fi3fUPzoo9DZ%2FXMMlPJFhuvPLHCBtaS5K9WY%2FwYYo5UCcKgv1QPXFvFipAmDpGp7SK2DJVMEzGzVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 0E0A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:23 GMT
AN-X-Request-Uuid
a62a7317-f826-42ce-8275-a7d8c1cee255
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1B7F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:23 GMT
AN-X-Request-Uuid
6577601d-2ebd-44eb-bedc-e77f64ecca2a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
257042.js
a.th.giraff.io/data/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/257042.js?json=1&async=1&cs=utf-8&rand=0.527920353947003&num=3&as=653786%3A2841952%3A2841950%3A2841956%3A653805%3A2841953%3A2841954%3A2841955%3A2841949%3A2841951%3A2818124&nodupes=1&callback=callback3839242735680175
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
7c102a48d14ffcda0802c72ae0f0bfdda3860045ed09e6fba3f0328b05948592

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2726937.jpg
cdn.th.giraff.io/cdn/images/300x200/37/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/37/2726937.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f286e834c74c5cd50fe25466a3f2715da037725618fc59f0e63d9e61c9b3103

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
age
177241
cf-polished
qual=85, origFmt=jpeg, origSize=24872
content-disposition
inline; filename="2726937.webp"
content-length
11468
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Nov 2022 10:00:09 GMT
server
cloudflare
etag
"63760629-6128"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd525ef87a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 22 Dec 2022 04:30:24 GMT
2701115.jpg
cdn.th.giraff.io/cdn/images/300x200/15/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/15/2701115.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a20b2f4c95a6a55487856ff1dc3f2649ced5aa8bbd3970907cfa4554dd1c3bd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
age
103223
cf-polished
qual=85, origFmt=jpeg, origSize=14633
content-disposition
inline; filename="2701115.webp"
content-length
5924
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Nov 2022 20:00:22 GMT
server
cloudflare
etag
"637692d6-3929"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd525ef88a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 23 Dec 2022 01:04:02 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&bundle=ETo9mV9sVmJOZDdIODV1ZTRNOCUyQjElMkY5VExyUkkxd01YWElxWXJVeXAxR1NCMXE2ZiUyQkUyQkJhJTJCbHVHNmpMR3VBNnAxeVNXVGFGUWs3bmRYOW9kWlVWZWlWV3dSQkRBZGdDaUdZMzV5S2FrWXJ2cEpOa0JGQkc1Rlg3TEE0NmhOSE1nMlhOV2gxMjhYVUFta3BCYzloUk1vbkM0QSUzRCUzRA&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 24 Nov 2022 05:44:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
278471
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		426 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&bundle=ETo9mV9sVmJOZDdIODV1ZTRNOCUyQjElMkY5VExyUkkxd01YWElxWXJVeXAxR1NCMXE2ZiUyQkUyQkJhJTJCbHVHNmpMR3VBNnAxeVNXVGFGUWs3bmRYOW9kWlVWZWlWV3dSQkRBZGdDaUdZMzV5S2FrWXJ2cEpOa0JGQkc1Rlg3TEE0NmhOSE1nMlhOV2gxMjhYVUFta3BCYzloUk1vbkM0QSUzRCUzRA&cw=1&pbt=1&lsw=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3bf08fa276b337a651a3674ce5afa0255458a49658623644c656c2115bd8557d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1601984
expires
0
617.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9fd5e958d77db522d4906ea4727d421705192548c201717ab75dbde7de246f5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		77 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.203.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
aa4d15417aa5ae19e6e38483286610d63dd7f3235f95838d5262549ea2fb7216

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.42.25.140
access-control-allow-credentials
true
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		108 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
dcf086f6590fd2971fd158cbc4ea57badce899e18960f4fbf1b769eb358f2458

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 24 Dec 2022 05:44:23 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:42:55 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:01 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:06 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.19.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-19-109.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:55:32 GMT
content-encoding
gzip
via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
age
6532
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2qP9wXSfoTF4JCV_8dAQvUwKMSqxWVK5GCfsZlst99-xhwsg6_LlBA==
expires
Thu, 24 Nov 2022 05:55:32 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.19.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-19-109.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 04:11:05 GMT
content-encoding
gzip
via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
age
5599
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
rjKZV6shNoUOtmk-wKxsHRitHqcyu_WqexvUrW7zd8kpa7aIYLzyGw==
expires
Thu, 24 Nov 2022 06:11:05 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38EtxD0v6ddYPL1fRccmwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2efTaJav6qEUZ1RyIZvgHcaEdKe3ImqbWNT6ioOkAMLVbTuZoexKL9zgeHEEgi1TZbrlQrD%2F9AY%2FQq2TM%2FxsDcuqtPehU3ibrc3SnH1UaJckJzVw87BoQPzNqA6Zsyq5GBa7pqp9hap4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76efd5237a05a88e-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0A3F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
808VACKDX6BE040B6V9B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AJNWYD59VG3M66RRSS5F
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A3F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y38EtxD0v6ddYPL1fRccmwAAFMYAAAIB
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0869220419bddfe4759b696b&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0869220419bddfe4759b696b&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0869220419bddfe4759b696b&expiration=[EXPIRATION]
date
Thu, 24 Nov 2022 05:44:25 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 0A3F 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.172.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-172-50.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 0A3F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7439780439354333020
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7439780439354333020
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7439780439354333020
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0A3F 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y38EtxD0v6ddYPL1fRccmwAA%265318
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62845
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76efd5246fceee9e-AKL
content-length
43
expires
Fri, 25 Nov 2022 05:44:25 GMT
dcm
s.amazon-adsystem.com/ Frame 0CBD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TBSABZNBC5YFHGPKRYZQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X6QH3EZWEP7YM6YKPSAA
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38Et-H7.P2A086OIfb25QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyndLDIZqqG8ivwr9FgbT%2Bgda3JrAAE3N4LAfpj%2FKBxmE8m%2BNmPVwn%2Fv%2BRnRGgH1G9b7tmGaV%2B773tSoitVKq%2F4ScrQnTb%2B2ynBOfBInxy2EyMGjsfn8G8cnKU0%2FK37ukO1IhBKNL5f1mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76efd5241b22a88e-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
rum
dsum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y38EtwAKcMY5lgAO
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y38EtwAKcMY5lgAO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11268-MEL
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669268664.322309,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y38EtwAKcMY5lgAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_637f04b8d3d93&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637f04b8d3d93
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637f04b8d3d93
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 24 Nov 2022 05:44:25 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637f04b8d3d93
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0CBD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et5POK2n75o3ywFtoLQAAFNQAAAIB
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum.casalemedia.com/ Frame 0CBD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6Mo%2FQZfU3DJdRuYsQXM%2BRlkZ7yoygr2Fb2b7DKjzMKCXVHnkiwESPAEWinMwMzB4P%2BmuFy7NOyWMnHTPR6rm0777HvDATGDvBEct7FmWTefozbxt%2Bp%2FFGn0%2FNTe8W%2BTf8g%2Fno8n"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76efd523f964aade-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:24 GMT
AN-X-Request-Uuid
b7424588-379b-4973-8e9e-76da9545457d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0CBD 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y38Et5POK2n75o3ywFtoLQAA%265332
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62845
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76efd5246fcfee9e-AKL
content-length
43
expires
Fri, 25 Nov 2022 05:44:25 GMT
crum
dsum-sec.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y38Et-H7.P2A086OIfb25QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE7SGR43qNxqNDmB_ftR4I&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&expiration=1671860664&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3qZwkcuug2NOwTQT34ttOelqeXS3s5gUXRrenXssCrQvFcS1MWTjMRYA2HrG6XwKpeORX%2FtpfxV2FuZ3HYuGL9hoFxCv6UfKsZsUcEUY4%2FvpbPmeoPt0wkddCb2wWv4jaQc69SXZtlCiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76efd5241b24a88e-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DD9A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C34BPAYQMPH7NQAZW92H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZGMX9RRSAVY6465XBSP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame DD9A 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.172.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-172-50.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DD9A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y38Et_H7-P2A086OIfb25QAAFMUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y38Et_H7-P2A086OIfb25QAAFMUAAAIB
date
Thu, 24 Nov 2022 05:44:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Fc3cOgQnQOfqxNkqIUzwbPGWjFbAbvMDYUirc4Cs2g75QnSusEhQyG5VgyQYZfJQ7Wrsp0QiZmfndxde%2Bu2xP3HNYL6wOAq6lt5iXIRtdSIZq%2FHC1zpaqtz8gK1qYlFZBDTNzxN"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76efd523f966aade-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:24 GMT
AN-X-Request-Uuid
f03684cf-cc9a-4007-8074-ceb91bc9126b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3198578105936587515
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DD9A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZujGhoaGRwxqrHyZbyGTI3RaSso
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZujGhoaGRwxqrHyZbyGTI3RaSso
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZujGhoaGRwxqrHyZbyGTI3RaSso
Date
Thu, 24 Nov 2022 05:44:24 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame DD9A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y38Et-H7.P2A086OIfb25QAA%265317
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62845
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76efd5246fd0ee9e-AKL
content-length
43
expires
Fri, 25 Nov 2022 05:44:25 GMT
user-sync
sync.adkernel.com/ Frame 9793
Redirect Chain
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D136922%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D
  • https://sync.adkernel.com/user-sync?zone=136922&dsp=520869&t=image&uid=6948bd2837139bb6894f
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=136922&dsp=520869&t=image&uid=6948bd2837139bb6894f
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=136922&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136922%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
216.130.169.24 , United States, ASN393710 (WEBAIR-INTERNET-SINGAPORE, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://sync.adkernel.com/user-sync?zone=136922&dsp=520869&t=image&uid=6948bd2837139bb6894f
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
530
content-length
0
x-xss-protection
1; mode=block
expires
-1
user-sync
sync.adkernel.com/ Frame B06A
Redirect Chain
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D136924%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D
  • https://sync.adkernel.com/user-sync?zone=136924&dsp=520869&t=image&uid=0f808137122eb5258049
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=136924&dsp=520869&t=image&uid=0f808137122eb5258049
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=136924&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136924%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
216.130.169.24 , United States, ASN393710 (WEBAIR-INTERNET-SINGAPORE, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:25 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://sync.adkernel.com/user-sync?zone=136924&dsp=520869&t=image&uid=0f808137122eb5258049
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
505
content-length
0
x-xss-protection
1; mode=block
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 2097 		64 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=136922&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136922%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
013841362f30983b4fd08ad270a68c146c10d26708cb41d419838ef369ec2821

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-type
text/plain; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
transfer-encoding
chunked
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:58 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
async_usersync
ib.adnxs.com/ Frame 0E0A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:24 GMT
AN-X-Request-Uuid
d521bfb5-74e3-4fab-83a3-f9926266a363
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1B7F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:24 GMT
AN-X-Request-Uuid
801ca3dd-3f10-4c64-b33a-d7dd1fb50f5d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxWisVJxpke6pA3AymajXDDiL_2z1XGfdDCQBXy-VBjtGu-ohCGPlc9lW2tcrEX-MO-Lp2efHTV3Ob5f5jqo8Mg=
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWisVJxpke6pA3AymajXDDiL_2z1XGfdDCQBXy-VBjtGu-ohCGPlc9lW2tcrEX-MO-Lp2efHTV3Ob5f5jqo8Mg=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY5MjY4NjY0LDg0MDAwMDAwMF0sIjlCMTlGQTE0LTkxOTMtNDZFRi04RUQ1LTNDREU1NkQzMzlERSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS9ob21lLzI1MzIxLyIsbnVsbCxbWzgsIl96T1V3aVNab0Q4Il0sWzksImVuLUdCIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB._zOUwiSZoD8.es5.O/d=1/rs=AJlcJMxeTRyuDR6pcl1eLLO3wTw1ujoqfA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
bd57a61f43f28d380c82fb08466db41fa4ffd4113881ea4be957c9b03741f4b6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xr2NgjXwJhaf2MCOP5eU_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xr2NgjXwJhaf2MCOP5eU_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=2565070416045053&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=846659022&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664870&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
d7b00141f7aca0d55191a03fe992c364ad5a8ebb64693e8ec0812793bb4215fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9622
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373742424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=626911469352270&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&ifi=2&adks=3750302303&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664877&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=1200&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=400x-1&msz=400x-1&fws=512&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
dc6dcc1ad40d9f73e21fc4f091686e583c1329dbd478986aabe5c62272ce2904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16765
x-xss-protection
0
google-lineitem-id
4741987593
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138239031270
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=714744271625594&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&ifi=3&adks=3186715421&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664880&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=279&adys=4332&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a5e34c156a41f3fee11294483ad0c2d7386cbc6ade84df01c240671a39ed419c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25703
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=1846325160653222&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250%7C728x90&ifi=4&adks=2090433894&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664883&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
1495c7cb4444eebcda5f008ee3df500365ba46ec49b4148ca95d44da5d747da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19670
x-xss-protection
0
google-lineitem-id
6151130123
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138411545810
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=4470499690970997&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=5&adks=422533547&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664886&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=1065&adys=649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
2f461c583013080072414b5a3d14df743836c584712ba1aca8840ccd36e5e460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19892
x-xss-protection
0
google-lineitem-id
6148969644
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138411545726
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=4321855208410340&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=6&adks=1507644527&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664889&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=235&adys=1162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
f6d088282ddebf12446b85eb6d90bff6d4f2fe3e165cdd7669f1c560424437b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19547
x-xss-protection
0
google-lineitem-id
5481972657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407385543
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302071209970863&correlator=1170715289744948&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Chome.sanook%2Cdesktop%2Ctips%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&ifi=7&adks=1729455778&sfv=1-0-40&prev_scp=category%3Dhighlight-index%2Cauthor-profile-display%2Ctips%2Chighlight-tip%2Chighlight-category-tips%2Chome.sanook.com-partner%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Dhome.sanook.com-partner%26entry_id%3D25321&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669268664891&lmt=1669268664&dlt=1669268651073&idt=10054&adxs=1065&adys=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=521977081.1669268660&ga_sid=1669268665&ga_hid=672208246&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
b13a8ce91bd924e4bf2322eea90ca70b294b4f2aa68edf0f12c4d6015af5ec6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12007
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Fri, 24 Nov 2023 05:44:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:54 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame F252 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.80 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:08 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8421 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFE5tVMEOCM60ILaTS09ff52JzD0Ua5rt_3oRU1mbeoWkLbWMY2UvUWzLM3TIHRNyoMBh-BimGWfKfDhNmkrP5rMSRxbF8TvP1Eakigssq4tRQZWzN1feEhfqBYu8g0Ill7aKq8VzaUdwsAkFcMzp9d71l-jWsGVmTUXdd12ehMYSQj3YARfz8qkuiyKHh5Ho2kdpYFE3tIIEzwaynoVp7qoQ5P5OZJP50bQHbl8LWEjNCGajF5HQo-dfgvdNnguBxDmVwhrXEZ8kcmW97jZ29EG-AVS1l0WJxfgFenmkZeTbQqe8Xg9YFlZweR_LtNRpSsR3ncQG2ze0tCnohcwDTuLRQfZjOClS7wvOW&sai=AMfl-YQNf5XXt1ou13NE_yPB1oV18WNOsNE-H_Wz-Mh-GKfhNYg_ZsWLvyPIosp6azf2uFZxoFVl-kdii5F_6vsIs89pCjrwwfhB9tLufeCDkcDbKkPI-OcBmuAZavqr6V3n&sig=Cg0ArKJSzKiIT2UBeab3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8421 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1401 / 289 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Nov 2022 05:44:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8421 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:25 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8302 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34093177&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
dd11b08fe56f9908804f916c637d7fb159232f8185f7330df5d8a4e5288666ff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 5636 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14494911&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
dd11b08fe56f9908804f916c637d7fb159232f8185f7330df5d8a4e5288666ff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 05:44:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 8941 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuo8OG_TFMlo45XeoL9b0CT4AfHn-2wUVZZ32WZam9HX9B8ns0AjwTjU5HgXYd-RCJKblQtgXqnVdrxUz-q-YuieZSf-36Lp8yi2BIhR5p9pGllzdJV7MnPOS8028KcdH98usTcy4iLBUkA_T9c8ARrxs8KrlCGtA9WX4vqLTqAeioENXOE8brEFau9dJFkt09NU_gVupV_yV55_vGOtRfMs4JviMdMORrZZ-H86ZQMcqgYdKfqca199QYjjYvjVD4eJn0V8TQCW6lGfpLBBz3nkDa8ki_rz3_QwS9YVR7UUAskEU9yj_yeY5qDqW7rySaqz_y-OBTq6YOrqvrp2Gilnvyqyeko4ummcw6lmotZcZsXJ64&sai=AMfl-YS2HuB-llzgvGXaSMfDMtP6Y26mVf8FTIWr5BPRvBM7dAH4YPNYTSVm15MOVEnLaZdFfTwueTIoStFgQw5a14VwZlBF02Dg08RcOzy5vshLtWNQk5pq79w7q3AO4hdP&sig=Cg0ArKJSzJM9R4xlGQPwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-js.min.css
s.isanook.com/sh/0/ad/inview/ Frame 8941 		38 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/video-js.min.css
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 17:40:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
39377
server
Lego Server
age
1861545
etag
W/"5958d2e5-99d1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
4508165839549558246
accept-ranges
bytes
content-length
13271
expires
Tue, 29 Nov 2022 04:34:19 GMT
videojs.ads.min.css
s.isanook.com/sh/0/ad/inview/ Frame 8941 		359 B
400 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.css
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 04:13:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
359
server
Lego Server
age
787691
etag
W/"5958d2e3-167"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
9702782294648597134
accept-ranges
bytes
content-length
196
expires
Wed, 07 Dec 2022 01:23:46 GMT
ads-v1.0.3.css
s.isanook.com/sh/0/ad/inview/ Frame 8941 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/ads-v1.0.3.css
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:37:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 13 Jun 2018 05:50:00 GMT
server
Lego Server
age
0
etag
W/"5b20b088-117d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17765704038709563615
accept-ranges
bytes
content-length
1564
expires
Sun, 18 Dec 2022 13:37:05 GMT
jquery-1.8.3.min.js
s.isanook.com/sh/0/ad/inview/ Frame 8941 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/jquery-1.8.3.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:00:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Sun, 02 Jul 2017 11:02:57 GMT
server
Lego Server
age
0
etag
W/"5958d2e1-16d8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17062248817123526143
accept-ranges
bytes
content-length
34576
expires
Sat, 17 Dec 2022 17:00:59 GMT
video.min.js
s.isanook.com/sh/0/ad/inview/ Frame 8941 		246 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/video.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 23:11:23 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Sun, 02 Jul 2017 11:02:59 GMT
server
Lego Server
age
215164
etag
W/"5958d2e3-3d69b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4359748280809488856
accept-ranges
bytes
content-length
57340
expires
Sat, 17 Dec 2022 23:11:23 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8941 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
218f3220f1e46f7d858f45c146e361f9a8a63337a0960df49cdcabd43c7b13a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:26 GMT
videojs.ads.min.js
s.isanook.com/sh/0/ad/inview/ Frame 8941 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:52:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
18700
server
Lego Server
age
55860
etag
W/"5958d2e4-490c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5824590766939573824
accept-ranges
bytes
content-length
5141
expires
Thu, 22 Dec 2022 10:52:47 GMT
videojs.ima.js
s.isanook.com/sh/0/ad/inview/ Frame 8941 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/inview/videojs.ima.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:08:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Sun, 02 Jul 2017 11:03:00 GMT
server
Lego Server
age
0
etag
W/"5958d2e4-bbbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11807417169830509845
accept-ranges
bytes
content-length
10915
expires
Sat, 17 Dec 2022 11:08:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8941 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:25 GMT
2701114.jpg
cdn.th.giraff.io/cdn/images/300x200/14/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/14/2701114.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a7230d2869354582432fbb7d59dec1904c655012461a9ee5ddf38aa89e7541

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
age
2026526
cf-polished
degrade=85, origSize=34066, status=webp_bigger
content-length
15661
cf-bgj
imgq:85,h2pri
last-modified
Mon, 31 Oct 2022 12:10:21 GMT
server
cloudflare
etag
"635fbb2d-8512"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76efd5278a33a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 30 Nov 2022 18:48:59 GMT
2700784.jpg
cdn.th.giraff.io/cdn/images/300x200/84/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/84/2700784.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368ecfaab02401dba8ac6ab9431a1a3aac05520d0d3592b2aab6bbeacacb3832

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
cf-cache-status
HIT
age
619053
cf-polished
qual=85, origFmt=jpeg, origSize=20930
content-disposition
inline; filename="2700784.webp"
content-length
8404
cf-bgj
imgq:85,h2pri
last-modified
Tue, 08 Nov 2022 18:17:22 GMT
server
cloudflare
etag
"636a9d32-51c2"
access-control-max-age
1728000
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd5278a36a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 17 Dec 2022 01:46:52 GMT
sanookcom-home
data.th.giraff.io/hit/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/hit/sanookcom-home?u=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tag=pv_rv&tag=ws_rv_1&tag=ws_rv_4&tag=ws_rv_3&ht=8227&rand=0.5109146561699802
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.58.178.57 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
263811.js
a.th.giraff.io/data/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/263811.js?json=1&async=1&cs=utf-8&rand=0.449561959211785&num=2&as=&callback=callback5400330405151519
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
828ea8a4db6e5efedf4976ec59e47ffbbd53240fdc6540994c4b9bb96d3d76ed

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
view
securepubads.g.doubleclick.net/pcs/ Frame 5DA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaCdlMftDwgcmDK5GZW99pXnNKZZqk5NUY7qE9j2RLH192hxjIfG_SciAmPc8dAykGzruy2E9jcBIHTSg41kE02Teat8NPbDVgNYYXnG_Ao9VIlQBBRPMO7nCyU0Nj8wJKLAoP2mjW0lSAimMT8TOo86upa-1vLBQqmc6dnGs44rJupZaBvSH8vVu_Key-2LCuW7woD26dztBCQQMm825j3SBda78gUelQVMDqLUAq8aTo6iVixkss2ugtJmmp6j3rRsV-OexHEh97WkugzYF8SQHMwBduvncl_qUC90cKRzKFdcXl4Ao55_HQQvRfW1zjB5MzfYpl0GS57WyAWP3qbKGRu4eNIZbUBcQ&sai=AMfl-YQ8n0SiEZ1233Wn1hNgTzGotf2VlqbLczb7VuiaeGgEbSPiepIB_lyuFB1EqG5RFsx3kJvLV32am9qg-3QTCwlN5uzTw8aM5_vaCEb5u4FehcFVPefNPcMS6_j50G_PSg&sig=Cg0ArKJSzKn2VyB8DWYZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5DA1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
48164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:21:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5DA1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
6043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 04:03:43 GMT
l
www.google.com/ads/measurement/ Frame 5DA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZ1_u7GdxnzM78IoUizHD5j85O-oLgQVN9gPshM5tF4mk6raBuOMGRc1avF-4qXXnvZvr0XFISFs4lotdpLfdTubi8Ng
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DA1 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:25 GMT
o_1gh869l015ih13lh451ps31l9id.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20221107/ Frame 5DA1 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20221107/o_1gh869l015ih13lh451ps31l9id.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0c2ca733d1698fa82a214299a9c2ca30d13fd895320613cb4dd000dd5ed259cf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 07 Nov 2022 04:41:36 GMT
server
Lego Server
etag
"63688c80-59cd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6300537108480328426
accept-ranges
bytes
content-length
22989
view
securepubads.g.doubleclick.net/pcs/ Frame DCE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWYUcU2BHzfgZOl0nDovISYrhQhlw4Az6sUNp5H7xX4sGoIufFvq8DIxyab66RiajySX3jnGaDxFyApew0Vx4O0zPxSDLWgXfBEfFgGK6o9zN_uDLFo12cBZ0IOjCy0qeuACPsY-gELH3UJnTTFyyWz60MP3I4FwqUDv8OPNP5Jmx4qXZ2t1-SNe1rylOyjtwjvbLITtSKu94iIGHskl8tN1T-yECp6Jqlm1xrxFeOflAW8_vLNdobajttp8fxosZDvSCMG-f94uv8k8hlQslynS5J_P3hl1om6uhopWxwmxGw9uBu1hx6anDO8tPKliWwfTmI8KGmU3TpPxuCCKpLfJTrv0H7&sai=AMfl-YSlHYMsmadhMPLifVLOjlJSV0XPlBHlofpNu9Fttb7c4T_8TbJEt_YBa7FuAhxuUZMpAAtu89tLM1lg_epivXCDBuhHoyU93Zi3SoxGArMHmOkAuRZw81ZD3Zrwm1am&sig=Cg0ArKJSzLFgYX5G1ZvXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DCE6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
48164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:21:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DCE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
6043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 04:03:43 GMT
l
www.google.com/ads/measurement/ Frame DCE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuN-gcEe2eBIClv8RparvdU0i_v-2pOMJWFSBiaoMAv9-Cl1cQVeI-yMXWhmK5eb9kp8IqF7cWP3q4ZXFbefoF9mrbFA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCE6 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:26 GMT
o_1gh84b2261m3b1n0ro8q1ce012eag.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20221107/ Frame DCE6 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20221107/o_1gh84b2261m3b1n0ro8q1ce012eag.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65c5b10fbb5cc680e30d8fda1446fa2e055692d7b35522a5263f800ba3e6c5f9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 07 Nov 2022 04:07:26 GMT
server
Lego Server
etag
"6368847e-14553"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7358828641857388293
accept-ranges
bytes
content-length
83283
pxd
dps.jp.cinarra.com/ Frame 29D4 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0683D562-871D-4C89-8C7A-213479BC869E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Thu, 24 Nov 2022 05:44:26 GMT
cm
ipac.ctnsnet.com/int/ Frame 704F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 67A9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9d1bc55b6c144491a26e2bf1b04fb22d
42 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9d1bc55b6c144491a26e2bf1b04fb22d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9d1bc55b6c144491a26e2bf1b04fb22d
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame 7EBA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 24 Nov 2022 05:44:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0b7d7e75c35afaec7@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 79BA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669268666590
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2968548022
  • https://sync.1rx.io/usersync/tradedesk/5991ec9a-6f95-4278-8bf4-53cd73b3fe51
  • https://sync.targeting.unrulymedia.com/csync/RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 24 Nov 2022 05:44:28 GMT
etag
RX7c30c968db8c41aeb6b446126cfe7109004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
bridge
cm.adgrx.com/ Frame E84B 		0
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
i.match
s.tribalfusion.com/z/ Frame E1FB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76efd52dadad1c59-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76efd52979511c59-AKL
content-type
text/html
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
543
cookiesync
core.iprom.net/ Frame 0175 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 24 Nov 2022 05:44:27 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-08d693508c79@version_1.531
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame 13D9 		0
0
141
match.deepintent.com/usersync/ Frame 5E20 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Thu, 24 Nov 2022 05:44:26 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame A1FA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Wed, 23 Nov 2022 05:44:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
info2
uipglob.semasio.net/pubmatic/1/ Frame 8302
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 24 Nov 2022 05:44:21 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:20 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8302 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.203.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.29.36
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 8302
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
info2
uipglob.semasio.net/pubmatic/1/ Frame 5636
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 24 Nov 2022 05:44:21 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:20 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0683D562-871D-4C89-8C7A-213479BC869E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 5636 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0683D562-871D-4C89-8C7A-213479BC869E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.203.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.9.57
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 5636
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0683D562-871D-4C89-8C7A-213479BC869E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5991ec9a-6f95-4278-8bf4-53cd73b3fe51&ttd_puid=d413f4ce-073b-4fa1-b335-bdcecbcd182d%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
pxd
dps.jp.cinarra.com/ Frame 3396 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0683D562-871D-4C89-8C7A-213479BC869E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Thu, 24 Nov 2022 05:44:26 GMT
cm
ipac.ctnsnet.com/int/ Frame 5AAD 		43 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame CC4C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f0aed5e1b065440fbc1d0dd287fdfd72
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f0aed5e1b065440fbc1d0dd287fdfd72
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f0aed5e1b065440fbc1d0dd287fdfd72
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame 3D7D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 24 Nov 2022 05:44:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FaAJvaKv1OY52a5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0b7d7e75c35afaec7@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 06FD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669268666590
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5016456853
  • https://sync.1rx.io/usersync/tradedesk/5991ec9a-6f95-4278-8bf4-53cd73b3fe51
  • https://sync.targeting.unrulymedia.com/csync/RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 24 Nov 2022 05:44:28 GMT
etag
RX7c30c968db8c41aeb6b446126cfe7109004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
bridge
cm.adgrx.com/ Frame 4BEC 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
i.match
s.tribalfusion.com/z/ Frame 45B2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76efd52dadaa1c59-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76efd52979521c59-AKL
content-type
text/html
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1863
cookiesync
core.iprom.net/ Frame E4E2 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 24 Nov 2022 05:44:27 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-899a07a97463@version_1.531
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame 48C4 		0
0
141
match.deepintent.com/usersync/ Frame AFF3 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Thu, 24 Nov 2022 05:44:25 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 2F37
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 05:44:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Wed, 23 Nov 2022 05:44:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD47C018B3054D07B0988B6AD97255DB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
container.html
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:25 GMT
expires
Fri, 24 Nov 2023 05:44:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame C0FD 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 18 Nov 2022 00:11:28 GMT
age
538378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 Nov 2023 00:11:28 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C0FD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 23 Nov 2022 06:44:32 GMT
age
82794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 23 Nov 2023 06:44:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C0FD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 05:23:01 GMT
age
174085
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 05:23:01 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C0FD 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
706aad9686a49302c1b1f349c361b2dde32254423c107d07126887cbaa13c0da
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 23 Nov 2022 22:41:13 GMT
age
25393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13726
x-xss-protection
0
server
sffe
etag
"122740ee53dc1c35"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 23 Nov 2023 22:41:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C0FD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Nov 2022 11:57:47 GMT
age
582399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 11:57:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C0FD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 19:38:19 GMT
age
122767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 19:38:19 GMT
css
fonts.googleapis.com/ Frame C0FD 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 05:16:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 05:44:26 GMT
css
fonts.googleapis.com/ Frame C0FD 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 05:18:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 05:44:26 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0FD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:55:42 GMT
x-content-type-options
nosniff
server
cafe
age
46124
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:55:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0FD 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 12:35:44 GMT
x-content-type-options
nosniff
server
cafe
age
61722
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 24 Nov 2022 12:35:44 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4953556147031902050/ Frame C0FD 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4953556147031902050/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qms67t8bNF3H3_hAlteGjkQFeCcog
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
377fc815a99013c89474ff2603750cb2b3453bc23abb65fc635aa9e8b6dd47eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42926
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 07:47:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Nov 2023 05:44:26 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1562582037647666407/ Frame C0FD 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1562582037647666407/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qmzBQHDgWB0vUoGEgJ9qi0sV5mTLA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a7c3aafa4ecc298cc3f841c0db323285ccaf4d4aa8231a5126476e1945264ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18543
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 05:18:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Nov 2023 05:44:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C0FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C75SIuQR_Y7OVBOKQ9fwP1a-TgAa99_63ba2bnLzNENrygr7xChABIK_R2x9gq-yxheAYoAGe5-rNAcgBBqkCFKarS5YqgT7gAgCoAwHIAwqqBIQCT9Clif4qPGBdwOOg0E0WlvX-2YtrVFsSe_myuj74tlz3HUxk5Vd5HLJbZvoNvvVoxk5ANwUEloqaJV47mqERZzmSH1ndyfiiET8KQXiZ7NPtGc-c1rxh94fdzImznGT_B3nUG4p3ML04gyTP6FplLRvRJuA4NJIGbTygcYcgueglEkbFn0XsUPS3l6X4A8MZHC-vRednWq7_XHa0ssvgQMczx1hZe9umArt8TRw7-0ian_rEaX2OXJDVWOjoX1u0SjIH_vmpD4byAWYXBUhK0MxApTZ95LA3z94GkhMpgx8iAOtnVGooet6pVUcxyHLnmkf476ce92kbsMZ8XsTb8Z-rxWrABOapssmQBOAEAZIFBAgEGAGSBQQIBRgEoAY3gAfcoJbFA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTYxNjcyMzg3MTI3MjkwMzIY94EQ&sigh=_l_yg9JJ38A&uach_m=[UACH]&cid=CAQSPADq26N9nCeb-g0tDH6TQg8sABMqFopZX-50jVwQ4gmoKBh47ZOszh8A8vMowfTJn5KmHMh-b5fzlM48KxgBIBM&template_id=492
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame C0FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1Ph_QHnaaoTw9X2an07sRYOg7MBda-wAkQ40cMONhQARj8jz65gXjcSwWBrIZ4OdSdH-hK-ZNQ1JihiKdI0V9D98sOg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame C0FD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79ca99992912bb6fc4380d9ac2e572c7ebfb50d429b8fad75741a8e866abb3d7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 8421 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 8421 		1 KB
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
6efc3688c28ee7b57861ec7a9d4bf85de6af635d47ffae54a8a1369ca300843e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:26 GMT
257042.js
a.th.giraff.io/data/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/257042.js?json=1&async=1&cs=utf-8&rand=0.0886745893547396&num=3&as=653786%3A2841952%3A2841950%3A2841956%3A653805%3A2841953%3A2841954%3A2841955%3A2841949%3A2841951%3A2818124%3A2818123%3A2817821&nodupes=1&callback=callback6020917113273756
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
59fe0bb62ab5181c6615cef1eacc5d372eab0d0fb8dcdb298b774297ae96f1ff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2710478.jpg
cdn.th.giraff.io/cdn/images/300x200/78/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/78/2710478.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c533d96bd5b606c7151b9f954806d15d733e5fda4f2b18a8d64e5849bb7b04

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
cf-cache-status
MISS
content-length
37241
last-modified
Mon, 21 Nov 2022 21:56:45 GMT
server
cloudflare
etag
"637bf41d-9179"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76efd5291c98a813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 24 Dec 2022 05:44:26 GMT
2721929.jpg
cdn.th.giraff.io/cdn/images/300x200/29/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/300x200/29/2721929.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb9d710b64a5f785a25b5e7d157a4eba6e9d86c24fbd088ccdf71120dc30925

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
cf-cache-status
MISS
content-length
37158
last-modified
Tue, 22 Nov 2022 02:17:58 GMT
server
cloudflare
etag
"637c3156-9126"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76efd5291c9aa813-SYD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 24 Dec 2022 05:44:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8129 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB0nIk68dvQkQ78uld-v6jU2csrkB4Eb76XKRJXk7pcQxy9HmG7uS4bDvffdq0l9gtbMk1SXy4QSJp1BjIlz73E3kTLemmaemL9LPxav9rUiOZdgVIaas6fjr85s9_iv0Fx2AN6aJPQtjBlqJLgazpsWWfF60jg4dd28VCZzSQT_VbXCDQjU5tM6UdYO0pkyF0X8Uet6e1RWWE81TNrbKZ__0EQFLKrlp1HJ0_p1eIiuEJGYH9QiDJHhNMZJ39z2CWoP48QTYdzotiEw-bRuCKfRsLnH0JUx6U1PP8pvc1wmaoqfq1uFhG7AJHwg4iUYFonBn_LA5oxcnHP1BA5pOoK3PFYUxaX17Yza1ePQ&sai=AMfl-YQKf9rrLkCM8L81TpI1KZrbdc1d7EmM--ItZHsp67lAS_Xw3kzS7-OlDhn36yEJw6-WCyOHjom2w8mtks5V0BZkOBYOnhNZzvjyor-5r1VHRHkcUSfSdqecbVi6pLnUkw&sig=Cg0ArKJSzHxyDqV-7jDOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8129 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
48164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:21:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8129 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
6043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 04:03:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8129 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:25 GMT
o_1gelhj4c181p1q27rep1gnh1ln2b.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20221006/ Frame 8129 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20221006/o_1gelhj4c181p1q27rep1gnh1ln2b.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.30 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
28b09bd6e12d72caeeee6dae10fd9c3e8d6d3491c417e6fb3913e985dfa430fe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 06 Oct 2022 02:22:02 GMT
server
Lego Server
etag
"633e3bca-9308"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12015117420758949883
accept-ranges
bytes
content-length
37640
user-synced
rtb-eu.andbeyond.media/ Frame B06A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/user-synced?zone=136924&uid=A9156914857131033907
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=136924&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136924%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
nginx
AGSKWxWfJSWqAWNozqSmNfnODMa-WO1IbluQhPFJhbDCkiKmwHowsGxZoyaSGHqWpFJMvctbOvGuE0p3aUcud5e6WB8ZU56ylkUr7f6CwCHHXJ24zd4RK8TrlY_zAcIyreUFpD8hgU69GA==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWfJSWqAWNozqSmNfnODMa-WO1IbluQhPFJhbDCkiKmwHowsGxZoyaSGHqWpFJMvctbOvGuE0p3aUcud5e6WB8ZU56ylkUr7f6CwCHHXJ24zd4RK8TrlY_zAcIyreUFpD8hgU69GA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY5MjY4NjY1LDgzNTAwMDAwMF0sIjlCMTlGQTE0LTkxOTMtNDZFRi04RUQ1LTNDREU1NkQzMzlERSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS9ob21lLzI1MzIxLyIsbnVsbCxbWzgsIl96T1V3aVNab0Q4Il0sWzksImVuLUdCIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB._zOUwiSZoD8.es5.O/d=1/rs=AJlcJMxeTRyuDR6pcl1eLLO3wTw1ujoqfA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
5bcb9c7a857a6e8cab83d06ca04f9b6ce57c9418b0c3295e0803bf3481503859
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TRLV2Lylv5HB1dYbgHYo0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-TRLV2Lylv5HB1dYbgHYo0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sanook.com&p=%2Fhome%2F25321%2F&u=B34c9vDhLMuuBhwLUQ&d=sanook.com&g=59732&g0=home&g1=Suwimol%20Lucksaniyanont&n=1&f=00001&c=0&x=0&m=0&y=9952&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=15984&t=B2NDpGZ5KIbBx-JXkCuUjstCqOiwB&V=136&i=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&tz=0&sn=1&sv=p9sYmewfBLDrcl5xB7Edb3CnF3X9&sd=1&im=067b2fff&_
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sanookcom-home
data.th.giraff.io/hit/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/hit/sanookcom-home?u=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&tag=pv_ae&tag=ws_ae_9&ht=8750&rand=0.15043279698946588
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.58.178.57 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		164 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sanook.com&domain=sanook.com&path=%2Fhome%2F25321%2F
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c798a47254246a3f38ad7bd8c61e8b3e6e43836ec2093230f75fcf0e73c7064

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
133
x-served-by
cache-mel11245-MEL
x-timer
S1669268667.548708,VS0,VE249
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 22 Nov 2022 05:44:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8421 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjAXLPqY6Xw1AnWYY9uTZAr-SjOpqfXSVQdVGsGRtH3qrHq8lzlyR5wucHC8tWp1LkgrEbkdPl-bXmRKeMACj8eNdbDgdSK5P8fXMZp37Pj6MJ-ikpNS8UwFGWyHtByvTK9ZSaGsxTKpKsQn3-YfA5DF534OxTdV7sAdwYtDXvpaWMcIwswKkjZy4E4vABsCEMPT8eqdrws1xKT-dJh7Uw_wdXZGnfwjZSa6BJZU9tFq1PUWP7G_9gavno6qg6xrdo2LGWRIUNCBaxnqDQuukN1O_UKmxeWmf1Mz71mVFd0c2J8-8DHz1v54wmKZX7MclyTMzjplB2SlAnyH3ZRXDLyrUIUya79wZR8k5__gQ&sai=AMfl-YQPwkbzyc2ae-i8H4A5Hi6zmGhddeppNtObLLxAxckgajTUcPOTfN4Zu4yxKZdlYQPCQyBzVLgVHsFvhQ3wzGaakFYDQVZslV1zF9giQ0_OKiNF1Qm09DgLbUVMkg7x&sig=Cg0ArKJSzPSDQkwldpbpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:26 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 8421 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8421 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8421 		1019 KB
92 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2955339944286119&correlator=3830828401933653&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&sfv=1-0-40&sc=1&cookie=ID%3Df57c3744a56ae2c8%3AT%3D1669268665%3AS%3DALNI_Mbxh1-DaNBwkynnpGRd9wG3nyg-Jw&gpic=UID%3D00000b824b065f36%3AT%3D1669268665%3ART%3D1669268665%3AS%3DALNI_MbrXMZs_BWWwQ3_gctlYdkaFS6bug&abxe=1&dt=1669268666449&lmt=1669268666&dlt=1669268665243&idt=816&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=ilcdul9ph8vz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&top=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=521977081.1669268660&ga_sid=1669268666&ga_hid=918016693&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
dabde4e9253aaa809f350e37347ac65d669447f9d23a391eddcde4a7ad941035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94388
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8421 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
63d5f7ba292588f45c5ea9269887ff650d5a291f91b474009ec5d3031df5bc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12319
x-xss-protection
0
container.html
dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FCC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:26 GMT
expires
Fri, 24 Nov 2023 05:44:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 33EA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
48164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:21:42 GMT
css
fonts.googleapis.com/ Frame 33EA 		8 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 05:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 04:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 05:44:26 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 33EA 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 21:58:31 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 33EA 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:04:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 33EA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
48194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 33EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC4ub0uG-m39UBXuJBlyvB9VHNnvMLNqLk-OEz7QavjGtMq9jbUR6BfSUVI8ZCRv2aC4REXCr_TJbis70qr9mI_cd9Ow
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
user-synced
rtb-eu.andbeyond.media/ Frame 9793 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/user-synced?zone=136922&uid=A7537983864338538441
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=136922&r=%2F%2Frtb-eu.andbeyond.media%2Fuser-synced%3Fzone%3D136922%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Thu, 24 Nov 2022 05:44:26 GMT
Server
nginx
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C0FD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:23:21 GMT
x-content-type-options
nosniff
age
98466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 02:23:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C0FD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sanook.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 21:45:11 GMT
x-content-type-options
nosniff
age
287956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 21:45:11 GMT
truncated
/ Frame DCE6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1dd0373eafe520d6db9b00801e1fd69cb68717cd00c1fa5e3cb2cc3fbd4a864

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DCE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu2jOWY3we0wyioLgUJGil5D3oIdDUPIKUcXfIZCJZV3VC6jAcWcyYTe1R20jLiNPueYl1PS9TisVKHEWjLSPi6DKm1r3Y_or2mEVeVUx3XN-_g0GwkBt9zmYE8-SrwCkj4TbIhLy8jGngl7h6yi3Cu6M6CwNMwp4qXgjEFHGy_IUkDbBVV72Uh-_LZdVZR15DmnIf5BgOkaZKdAyBL8zmWEx0fpARXpiCGNL1Jess0QmbkfAfr-s8U6ABy3F7bHclNKwUGtn4Vg7b3zjq5gmjXWDebMmL9KqK69p1v9ZeODYrhPBi_eLB6f2bunmc1Q0eeLF7uiJbV0k5KFWop_Svuq3zotu8s5o&sai=AMfl-YROIYZO2CEfS2qFuv51CQNVvSbJPk3GkaA2-txT9_8me6Lxps6OY_At8l-cKiZTperlmBo0kKvOZu8OHnGP3-0bN4fb966R7U2pEpdWFwH_xuJIduDc8oWuQwoAEupA&sig=Cg0ArKJSzMh4VbyRL-MFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwV08EY4fJLxpMH2fYZtdXQiqxeVFTXNV4yJjtDD-E9EG3Zr6L1oSELrrjk4d8FhZk24mveSK1X6NHajU1z7PP3_LJXNPHautJVnADvdlx-6yi9UVzzMhunOxTta3ouLPlO8PqqXQjSnhyqRrIOLocIHQmRb4VeCa04Eih0fiA7dCw2aJFDckQJyvuzgPpF5Hb2YVQ9FsowNwzePLZuMvMcn2Z4kumKs1-tHP46f_-g773bRuHsfHQlPmTCKTp4-NXxnSxkMe6vogSNo6gXCOyLDcpmhAunmKhuG4E4LnHP80DN3OCowqCxbLHJSXjyi1NWXRgYI4&sai=AMfl-YSKr2_7O_pZcr5Ivc-_VOI_C3pcEEa1t7Y8C5kKLK6nTE6E2PTCNaBVMsldF9NmfvBPmeS8hFIBWy629vK1nJ708bObxtiPXR2B20B8mAxp4EwQe0YnBGYC33gJIEVT8g&sig=Cg0ArKJSzGZL_nt9yAUlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 4F21 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 02:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 02:56:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F21 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:27 GMT
truncated
/ Frame 5DA1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a2d868a2caabd0011af12d9e9834c8fcde223d0b440dd040f9d6165dd7e860e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5DA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-1oS0--aZHb2ePNABN1TUyxx4ffuqj7p6e_ZAGc_lC_p4sd66aYhwIyYK4JOlki9-tbFaX0kDYHVmEHxfiWT0NDVGaDu6R4r_YCmCdXOacqfcUGdiNfawGfCvMuX7nV5FUM_9KOHYNk8nPE54aSE6s2iNybvBAonrIWbE5BaGJvWKgq-hcSWX_c16QJvZHg1d_jgrdCBUaF040mJT3akpDlmOlz11C5bCZHKz6lOryz2Yx8hGdcBZrlVrxd38JyzyKwhcNf_oEyodHb9ZIi9GGvdcUwN6h9437YiGSy0Fa9sjRgMxdLWwwek68jj1i60eFR3rMtaD3UffcVhC6MQycX5fScrSUcZigms-tg&sai=AMfl-YSkqMrnlNszHYng13Z1YnjxXFu1ANErcF-tAjXMUyxczlAfgBUwuu6_atd4romV9yJQUKw5BLc7rkbWFkpA1hJfqVKJnTMVKHW6ro1NZqZA1YRFv6IfvKWKYy5XhQkbVw&sig=Cg0ArKJSzPnp95xl2pvkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:27 GMT
truncated
/ Frame 8129 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4baa7a19fe60390667c7f8a64cdc0577a34dd2755a5609b1d7b2454584955d71

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8129 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszd344tfT5DXrqZetdg7xpolc79ada8-GXu-Hz3rCzeQDM7mH42WcGVD9BApUf3zjFpHOc8JW0GjUvqHmr3lqLtc9vHuc5sP4oAhoJTbDZBGId6iQ9yFKCFftZyt5ICQPYolYHOb-uiOMLpEvxyg8yLDAzRURXE3WqE2KL-tiAUURHojSziYFwnGEv2OwldeSjxWt8LZv0zmU0EPl-ABMIT1ppsH5rqqORhCVtHEEh_ElXxb1m3dEPMaoaU5djTZUnwL9aqnH7_aNhf0Qc2dol9KOB1KVB5uqNb2lNxHpuwu6Arn8dh2RYtkRJUdRObfdF-THl1N62GRX0oz797feTd1qtjXFusEThd3d7ZBba&sai=AMfl-YTk8emEiDgUnHcJEuUd4kSNGCSSY_0ImI2yt_KLvziGcs49-1r4t9e99Et9DgHu1rCmjmz7rsgt94kXhViNz-HhK64ZTmbNgcj2pDeBrNIC_hTb8Bmqp3K4LUeBk9Lbvg&sig=Cg0ArKJSzN18n59vpWSOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:27 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C0FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8421 		0
0
truncated
/ Frame 8941 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9db41ef9ab41cc0afd73264d33532091ddf10439462dcff3195e82f20650bd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default_video.mp4
s.isanook.com/vi/0/ud/1/ext/video/ Frame 8941 		23 KB
23 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/vi/0/ud/1/ext/video/default_video.mp4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.80.21 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21

Request headers

Referer
https://www.sanook.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 20 Nov 2022 07:36:12 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 20 Aug 2015 06:26:08 GMT
server
Lego Server
age
68935
etag
"55d57300-5b54"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-23379/23380
cache-control
s-maxage=10
x-nws-log-uuid
13128280067654577517
Content-Length
23380
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.257283887116072
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bEc2j6sa_06TstwTlF1aSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-bEc2j6sa_06TstwTlF1aSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.4403045049729759
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IlLvNWOfAQTnafbfaWH-9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-IlLvNWOfAQTnafbfaWH-9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ww.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame C0FD 		45 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
e4da0b609b1c66eafc28b4b85f98124a93f73af4dfee658b5d1dc5811b607d3c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:09:10 GMT
age
214518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13108
x-xss-protection
0
server
sffe
etag
"ecaee3ce0173ced9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:09:10 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8302 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 5636 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ Frame 33EA 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~laungrbx&c=4748915468489&slotId=2374457734244.5&qqid=CN3vwq6OxvsCFRR8jwodN9wOGQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44767586%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33EA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:44:20 GMT
x-content-type-options
nosniff
age
493208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:44:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33EA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:23:21 GMT
x-content-type-options
nosniff
age
98467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 02:23:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CgF9vuQR_Y52vA5T4vQS3uLvIAbuCyNRskLWq8b8Pl9Df1eovEAEgr9HbH2Cr7LGF4BigAan_5cYByAEFqAMByAObBKoEgQJP0PYoMQutOBqeXtmubhd9BBtyvlLNBxa_I4HWQCOfE-6knv_XnOTp0zsbTwfC64s7dX1NwXipcDaF4SRaK2dlWkNlt19iYQJfmo6hkOpk-d9sgaVDgMZQrhBdI0UaivNNpQXb3-uI4YJ1gU39BqvZrtOaf7a5ptjgPkpb3HTl-0F3MAMfGA_nV8KsSyQDzjuJ-dfhlWTf14jREorFzFRQJ3oKUBX9OegVkt4Hh8iBvvn5P2qoCCpUPPKWVWcHwZoC4h7EC3E9_KgWWTmzsiXr0EKzftwJlNxO7ihCFVT3rvegZZyKoBBjbeeCSqNu69dmRnaABT3OiJHYw_M-5gs3Z8AEnMjH7_UD4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE52uqhHYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1669268667752&ai=CgF9vuQR_Y52vA5T4vQS3uLvIAbuCyNRskLWq8b8Pl9Df1eovEAEgr9HbH2Cr7LGF4BigAan_5cYByAEFqAMByAObBKoEgQJP0PYoMQutOBqeXtmubhd9BBtyvlLNBxa_I4HWQCOfE-6knv_XnOTp0zsbTwfC64s7dX1NwXipcDaF4SRaK2dlWkNlt19iYQJfmo6hkOpk-d9sgaVDgMZQrhBdI0UaivNNpQXb3-uI4YJ1gU39BqvZrtOaf7a5ptjgPkpb3HTl-0F3MAMfGA_nV8KsSyQDzjuJ-dfhlWTf14jREorFzFRQJ3oKUBX9OegVkt4Hh8iBvvn5P2qoCCpUPPKWVWcHwZoC4h7EC3E9_KgWWTmzsiXr0EKzftwJlNxO7ihCFVT3rvegZZyKoBBjbeeCSqNu69dmRnaABT3OiJHYw_M-5gs3Z8AEnMjH7_UD4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE52uqhHYEw2IFALYFAHQFQH4FgGAFwE
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 33EA 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D9M46pQ3Zn3UWayrBOV90BJC7qHKGQN9ZMsfJZ6HUE-z6W-EJ1UvhHzavmv7ZL-noIhx_CKd-Xj_ghEAXkhOo_PSjaxw&cry=1&dbm_d=AKAmf-AHG3NWHZ7eE53IWh09wcFAv56jJeQOl5I9WhDrQD-Yal4bh4EQnvZoMZCcq5NhE2ZEFszkq_F_E3ZTeMEhrtS1g0ipmSzznPh7vzfhaFYjSQE5pkp9MK2yquS_7pO_D-tWIDQLpkQsjYXX75ozuUEkw8lHIHk8qQ8vRzDaW7pJ9Rpj8UdL6HrJPSvGjDbEw9e-xGRXfnDBAXWazcFSOlBE06i6VgHfFeV7puZRrTXwYMG2MuIjR88cY6syBEn3JQWqLeQsOWqkSexr08cEb1gtwKsXJuf5zua4Ppv3uKeYsHCEF_O707cFjSAWIJFhThoodFc-_mPHmF_Lm7Z2BRzK_QBExkEVqwt90QJD9h1CF6DsjcXiV1oPnGBc9ZiyaYeabYG_cy9-fk1QFicSKJYQtXDqYsCxRksE8g_Mn1d8VdtF89K-4DQi3DlIEAjzFH0QNVDmAE44tMDUpkobWXSDLfj-Eu34CRIhhiQJfOveQhSJv1XUffP0l9IbK0hli6YZ5aDwgzBpd2AqrfwTC4fq56-yu6tz7m3fto1BwjkxCBj_tCIIY0ANUkC6c_bCp9NZHcs_ly2gfE8UI2LwUlfak4-8ilEAAYc4vrHLwJh4Am1VC76Me1afyNq6L6N7GirnQI1t5snIyoYCaWHq5U_AM60kG6egafWQwZrRzVY7sp4wWkUSA688H-CXicBh9rxzwqgQbm6Pb2mC3qdrflXy2XOJ8I0TvHJyKQEr-NMg3XRw2AR4T6wCOGneVPBjDOi2e14uzMzNg1CG2CHEC7NE4Egx9ejxQm01R8HqCZ0ifHxGtus8CdrZDH8-T1FLXyw38D8vvvPlCmGcVTrZ5n1Yf3qRn6-jEWvWHaSFbKJmTHBcleHG_Jm9tbJ_6AueUb9jsfUsC9ShhqN-D1OPOJr09lOWtjOLryMfBzGLXIpqFdljSpPpQAC_vrTF3rJT3nKK8j9sJA-AoazmwCzYkfSRVWzgf9bLbHjkNCDPW3nGw8eids0PtgPrxJoggYiF3xukSfH41I1HJmDxQBNvztAQRyDZ8AS3mV727MXi3dpTGLg2yqT5J5DHistauE2kZZ-k0Xm9q1eYq7TQuSb9TbvLPrbQOuu9oDtpDXj_1mBT_V6uqEj8LN9Y0Ev7bWrMrKDxmEWBs7fyWcGhv3xW0TNE20R_6ibUNSDjmnSsHY8nvo3q8yRVMAFa3iYlZYnPEo8ZruW4qUG1ewSSCPkSyiypKscVv4sl3RbKG-914BgKyHwzV4SuRBQxW-cVjSZgNuw9zAKiLIKbjBDO3zifrI2XBMCogaDjOrtanLQRcbZWvB5O45G33DtgqogIfY1oNBwDiOADJR9nZ_giBdCPTJpYb4YO04biPPXlCnGxnJQduTCAI-wl7GQqVqNErFDrXfG8Z7lwyedxJIBQrnkx2r0kU1okBh6KFsKKpnyY0UOKqhuzmmRET2ozVTuZytVwIXYwepvc_OH_gYnB50ayPlqcxWtAH2I3MnMIT8YmKwHy5u0zTz8N75gFhZuI8u_WklvLif1YxSntpuWHYWHoE1WmyhJY3qeDILX8NpgBc4rAP5fSyS2_pH3fUHbHjssmmipDuPAhcsMdPF_zguOgnRVZeFlvQzJpj-Uaz7oXfXeFJwpr-x_kA2nIUACTvwylV2XcBn28muJ4abG7F4J9rxFXi-pWO56MY1M6ow01jNgGOAAhyoyeJEDKGHSAG3ybIfBnTabu963nyb_jJ1ALEb6_YUcnhrLhxQwEgc2ZgP1SK-rEYt0BSy8hfyunaUv9jdxjHCxb4ANboM-Qu8nlBFsB1882Q7st5JZ2_xfJBCLq4qCOImobStjBTrjEQRyKxlXCu1PeZwIfWCEXQ-tT_a-AP6qnz_1BJoLe5RRd_5_y3mqBDHyiShqOpd2Dj7VWDsK6wZj0Su4ZMWyce74PF__Ohsj_e1f7Dpn2Afyd0YFLfZV9LPx5X4x4NAga57cwo3pW91t3m273xDQfhEBS64tlq750NW-yReuJoFwzyDJ09rKeNW5-Ce0XYjvEB7MNNKzxWjpJXt0u6YSA2l8YpBqyK_728BYj-QJXHqB0fpf6dsqFp-emPSCyD4tBIxUrdlgQwljGJBvu2lrvTDvmnCb1C3zUzKvayrXDYk9JGG6yTsjsVL5d8gWfBJrzR6MlPbVQNtbuXrkoniZJn1Y-sBw47_y3RA2zZJGN6OpGEjJvyf8nCdgeQiEPO0l-wdqxh2xEekFZ2Oz5ZROX0smkmMmg5eXPpZIxYAdJ579DtUramd_JznACpAbAIBwiIgXaQmvD6zUOY3G0fTg_4l6R4RBzawlrZa_cVoXnFAiGfYdUSn5z97uLD45SbA8fxrtpn3RWjOzZyt_2BkdoEK2srUM5v3Eae8_TfbI8eKqkhTEnNAIbNY0kHeYhvIyFkIg0AAW4b4wnvOpXSK-l81aASZH2K_g-XQfRiC1iALwHTyHXQuHGPm2D7KjciHyGyRsusl7l3YwQVEMusoeRmPXO7QHr2gT1w7JA9_2MMA6rdPYRRi3ZzEaboymE5varPyoNln_kx8IQoi7S1bTSmxP-CZJdyIsV2Zy9UrQmBSLlu8akKQEd4yz3h9Dm8ogtdqi2SMMDU08PYRwhjNHsN_4PscwIBuwxbXO0Y_rUtwAtV6up-bat2b9lKAW3H5jEf3Oxfr7AgsXH1L3zXlsizjgoDFNQo6xmvo0cyMpOhVNrKpndrtXZ7ITSB3H-1PMttfUNDkIraAa8KVwkpbu5Au6xzWczbKX_3mipJkjKCZs8iHHuj1TZOn1BZcqIMoKQ7XD78kgBR82xI6aPDAHd_s4GFguqUXb5K6WydyjnvtJBRiuRKDnzOKe5iOVUpiCUnFLxG8kWyhkwHcuftKO6Yn2i2S1iT-2V456FoDHxaCFnrPsp9XMIIY8CIpdUqSzLO_2QmfpckzhFtZ4KKXqCSYU9agdoYJmJWQnna9pNFB5q6Ys_9FOHl50UCmBRYoXi8AOoMNgSG7nqUsFd1z-ih8rU6TJewhYmBgZOlDvAPGwTNV5vTPrCBVTMbW-MuKq1smTVExF6X_FxR9xQ84Gdjcl68fzVTYGdRxlIWQI5WfzTCsvGBg-RSEtVEaJj7lHjP7F2fSUlWP8l9kgGaXXHGXzWxhm1MIBgoj4sT1BOp33_Q4UQop9ekJWuvF8AM3hVKGpyYYpFtxhx3ieQLwvuzJpFWsTEyAybcOva5fAs9DYmnHUh7TfZQpnLq44sBbPswyl92132BUSc0ml5eKQkB6tzflhT5i2fS42PCmW1iTTZb_PXgpwt_16CeoQCAKde0y7PzudB4vvoM2mqnsSHsGriO5eO-k1aZT_FWn7B-4OTGcncki377ePvZ7QXbzY2RGPenvE4GWB-Kh3x3-HG2RRcfl3fy0A9X3bRr4S3XfOhUt0k0u8U-m4hOKHCD6oehXtgE5_GLfVRYZJsOQjCVhkd0TNAXd7sqOqwYAW2hAYoh59dlnx9O9U&cid=CAQSPADq26N9ms3LeFDFE68IjE6jISMl1kBlW_XXPFl6ptUavteLhGWphwzZtqeQCSZ0YGY6lwdtcW1hzCaKtRgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
c6d3041c11f6a344cba076473fd517846b81951073d72800d4d99a067fa6fc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16381
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 33EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf5tNuQR_Y52vA5T4vQS3uLvIAbuCyNRskLWq8b8Pl9Df1eovEAEgr9HbH2Cr7LGF4BigAan_5cYByAEFqAMBqgT-AU_Q9igxC604Gp5e2a5uF30EG3K-Us0HFr8jgdZAI58T7qSe_9ec5OnTOxtPB8Lrizt1fU3BeKlwNoXhJForZ2VaQ2W3X2JhAl-ajqGQ6mT532yBpUOAxlCuEF0jRRqK802lBdvf64jhgnWBTf0Gq9mu05p_trmm2OA-SlvcdOX7QXcwAx8YD-dXwqxLJAPOO4n51-GVZN_XiNESisXMVFAnegpQFf056BWS3geHyIG--fk_aqgIKlQ88pZVZwfBmgLiHsRTcKcJO4Qfq21agoMS5avbS24IS1NchACm0OeO_SRstZJ2gdcvVAzeikDze97JERyw9uakiQQeTFYkwAScyMfv9QPgBAOIBfuOpPE9kgUGCAMQARgBkgUGCBsQAxgBkgUKCCIQAhgBSJisfJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDyoSAY7OityAHSCA8IgGEQARgdMgKKAjoCgECACgPICwGwE52uqhHIE5W8hN8D2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTYxNjcyMzg3MTI3MjkwMzIY94EQ&sigh=WcgKBDdzarc&uach_m=[UACH]&cid=CAQSPADq26N9ms3LeFDFE68IjE6jISMl1kBlW_XXPFl6ptUavteLhGWphwzZtqeQCSZ0YGY6lwdtcW1hzCaKtRgBIBM&vt=10
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 081F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
28589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 21:47:59 GMT
etag
48472445140208031
expires
Thu, 24 Nov 2022 21:47:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 33EA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d6657f2b9b741ab675706a2cba0e4822b8bed5c314385b85f67b0ee6f03acc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame DCE6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnR7nLACFGn5urqxT4sCrad08wl0xqpKOKV5ELXzXfD0eDqnYNxhKtRSOjjwqMGrMnbATrMihlvR34t0kKTYvuESP-_ZF9f2ysBQno5IcYXDMJdRFw1x2t_0BEC2-IQ5uxyZZ6Vx-M1GBAID56tTvW7_RjAaUazGbarCv1ecADUA7BRaH5Pt564123hY8QDh8d1X0NX749YcVFRX-6wnMu9cnxx7G7AnqveNORTAsI3ZNvE3yzs3h5DlEEjt0tWuSv_SfEPXOgB_l4s-ivFijs9lh-Cuwct69u1vIlvA10_J3MfumuiMjnDR1WQVmA0hduck-5aZqlVyQtn9OiKuyqZouOP-j5fxsZPdQrodg&sai=AMfl-YShXS_1tLHQJmBg4_FQg1WaZnoSmABmvIEVoIw6CDWnzNt2doCnUXA3OG47Omzz1Z0IRQKNubq_pObCaAyVNok1Qe_-mjpPxsItihaTZm5kSoiBhpHgvVt-pJQ8XgPU&sig=Cg0ArKJSzC6XlTGLEPm2EAE&id=lidar2&mcvt=1000&p=649,1065,899,1365&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=422533547&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669268665490&rpt=1316&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DA1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Gw3AP8XQWMfRzWbcaaA3seJkVKQO3xvJSbJxp38SF9f9jVFWVbucldq8JZurEGx8VU9FJ9MLe2VqTRDNm89zyfEfwUHHo3akX1yTTRJgY7kAOvQJ&sig=Cg0ArKJSzLnd9hXCAREeEAE&id=lidar2&mcvt=1000&p=0,225,90,1375&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2090433894&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669268665468&rpt=1626&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_F0eOAgwyNHKlGB0B59a1706yGhLJkqfie1cNCW9DdoSh7lWv6-ffV7z8YCXGZq9Hq92e6oIXuEVFGJQnWeOq2yEwNa1kj_Mg2MxANiUCZjA0hxVWU9YeDneoUllE_UARZXxTa6Rfnc9kjUyiXqHDIbEtxmz1PkCZ7rkN5fR_X6RsdxbhAbs6nIEAMvZ3rasxDIBNHTRGtzFiTj4YaFtmpI6L0cfszuDTpItoVHNaYZH8tiHUxhWCuE_iM48yMqv4RDoyttwkyPx_tojsv7hWASW0FQPD7ISP6YZ7is6SGJ3E45Fzp-JnAqSDJquvq4ooILVIwJLKOA&sai=AMfl-YQd0sMyNrjcLgFw7ooWlW2kTy2mzJMjk1duMSBrww-dzbSRBUCmsRdV1vP74ayVWpzbpLU72rowIIiAYRIWmDVts932bwXfMKlhjZmrAzZaXQEf8gyGfjSQzS1_Q9qUgQ&sig=Cg0ArKJSzL1-E9_2ipMXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:28 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 33EA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 16:07:03 GMT
file.mp4
r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 33EA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B894708E55269279455CD806586C2ADB4BF0112.0F5543AA901A44C61BFAF2E29A99A75C14C4610A/key/cms1/cms_redirect/yes/mh/8U/mip/116.90.74.202/mm/42/mn/sn-ntq7ynle/ms/onc/mt/1669268235/mv/m/mvi/1/pl/24/file/file.mp4
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
74.125.109.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s21-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:29 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2222710
Last-Modified
Fri, 15 Apr 2022 11:55:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 24 Nov 2022 05:44:29 GMT

Redirect headers

date
Thu, 24 Nov 2022 05:44:28 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
location
https://r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B894708E55269279455CD806586C2ADB4BF0112.0F5543AA901A44C61BFAF2E29A99A75C14C4610A/key/cms1/cms_redirect/yes/mh/8U/mip/116.90.74.202/mm/42/mn/sn-ntq7ynle/ms/onc/mt/1669268235/mv/m/mvi/1/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
e7d8dd05-7885-4176-9578-cd85c515cf62
https://www.sanook.com/ Frame C0FD 		45 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/e7d8dd05-7885-4176-9578-cd85c515cf62
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19e13b08d97e0c77e8b042c297a7f129dd7c23644aa890d59d6327c4bc1f0ccb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
46363
Content-Type
text/javascript
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame 979F 		690 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
16887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 01:03:01 GMT
expires
Fri, 24 Nov 2023 01:03:01 GMT
last-modified
Wed, 16 Nov 2022 18:58:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8941 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Nov 2022 05:44:29 GMT
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFRvlHRwr9jKRMEeBiCWEC4&google_cver=1&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLj...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLjYa5XX6tu0N4eWuo7DuL9VgvZWod55oXZiu_sWQzOmNG2A9_lmutUp2ON1tQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLjYa5XX6tu0N4eWuo7DuL9VgvZWod55oXZiu_sWQzOmNG2A9_lmutUp2ON1tQxMSwNnZcGT6EjAijDs68LkDas-Z&google_hm=aYHJ6Fbif8wAKHf82MgueA
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZWR-c9aKWV_z-r78Y1DqCqpkTP7XRdbODFD-M2Jhz1rQnWrb-nLjYa5XX6tu0N4eWuo7DuL9VgvZWod55oXZiu_sWQzOmNG2A9_lmutUp2ON1tQxMSwNnZcGT6EjAijDs68LkDas-Z&google_hm=aYHJ6Fbif8wAKHf82MgueA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB07Go8Q84Unj5eax27gNlE&google_cver=1&google_push=ASkJ3FbXHBzssfI-gI7M3qit5wRQJY_y31eN-mmJtfkJ0Cde8omAWhzyr2V1cLn6tFioTFM9lxxvheA0VAku2iSjLr...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTk5MWVjOWEtNmY5NS00Mjc4LThiZjQtNTNjZDczYjNmZTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5991ec9a-6f95-4278-8bf4-53cd73b3fe51
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTk5MWVjOWEtNmY5NS00Mjc4LThiZjQtNTNjZDczYjNmZTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5991ec9a-6f95-4278-8bf4-53cd73b3fe51
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTk5MWVjOWEtNmY5NS00Mjc4LThiZjQtNTNjZDczYjNmZTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5991ec9a-6f95-4278-8bf4-53cd73b3fe51
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEFAlJllChRCzj4p7yAY0XGk&google_cver=1&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsUmLLcpl1lMjechhk_7y0O...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MWxkbHRaT2FCVW1xdlZmVnR3Ul9Zdw%3D%3D&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MWxkbHRaT2FCVW1xdlZmVnR3Ul9Zdw%3D%3D&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsUmLLcpl1lMjechhk_7y0O27zGRZ_5SXD7BrEQMPVMS6cPBYRCSHMDvu3dfhh
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MWxkbHRaT2FCVW1xdlZmVnR3Ul9Zdw%3D%3D&google_push=ASkJ3Fa_JHWDCPFiyGVXIjjAfX6V1PDfcqYfhmQ8DHSYqBse-Znw7uUqxn0S18uGMD63jU0_ExjWy-kh82YsUmLLcpl1lMjechhk_7y0O27zGRZ_5SXD7BrEQMPVMS6cPBYRCSHMDvu3dfhh
date
Thu, 24 Nov 2022 05:44:29 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
287
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGzl82hRT81cf0dhlba4Tj8&google_cver=1&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRXaYfLDFQXiz&google_hm=M-j6xqqeTcm1jeGhhdyysg==
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRXaYfLDFQXiz&google_hm=M-j6xqqeTcm1jeGhhdyysg==
Date
Thu, 24 Nov 2022 05:44:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGj-flkB7tw2Nh8LHE-X-F8&google_cver=1&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3z...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGj-flkB7tw2Nh8LHE-X-F8&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Ux...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Uxo_gR3ikTF6oIZ&google_hm=VVZhcEpOQmdndUJRNG85b2Y1UnE=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYTrk8p8TOIM77MVTmKIO_JKOW5NOKmfJ_PRHnz_p7gcJN358EdhM2fVLS5QCz8qBYYUqknfcarMyI3zZjSyA0taxUnsLyag4AFDlT4ClP-fdTdRPcXVCULh30_-Uxo_gR3ikTF6oIZ&google_hm=VVZhcEpOQmdndUJRNG85b2Y1UnE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
280
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 081F
Redirect Chain
  • https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEASNgg8vz373-IJBkYYccxg&google_cver=1&google_push=ASkJ3FYfcb7bcDRFnN0TvejD9VL2LRSiNWRNBO5omkqIlBAz_D...
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3198578105936587515
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3198578105936587515
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:29 GMT
AN-X-Request-Uuid
11990efa-73e0-43d4-aef3-9bfbf8142e30
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3198578105936587515
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 081F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeC...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5ODU3ODEwNTkzNjU4NzUxNQ%3D%3D&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeCwTM-YLsFLD-VK6JU6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5ODU3ODEwNTkzNjU4NzUxNQ%3D%3D&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeCwTM-YLsFLD-VK6JU6S-Ig7EABWhk9nfxDuoC6ZfKz40MPosoJcceHddJ7mayChixNYBXBc-vtW9KpEeNjgXaHj1UUekmAyUAuwiJSNNjxtvPVKHFe5Cz4J_ngN520qO
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 05:44:28 GMT
AN-X-Request-Uuid
0e730e2e-0d80-463d-b7c4-1c0b61290489
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5ODU3ODEwNTkzNjU4NzUxNQ%3D%3D&google_gid=CAESEEvLNn7m9jr9IclsZnCvX_k&google_cver=1&google_push=ASkJ3Fay6ORW7izeCwTM-YLsFLD-VK6JU6S-Ig7EABWhk9nfxDuoC6ZfKz40MPosoJcceHddJ7mayChixNYBXBc-vtW9KpEeNjgXaHj1UUekmAyUAuwiJSNNjxtvPVKHFe5Cz4J_ngN520qO
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 081F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZZjOS9m2P7kxs6vw__J8S9ckpj6ntgAVtvWcmeHSzOgu86j1sAnJqEGId0okygj2zs1sGYA
Requested by
Host: e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
URL: https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 8421 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F21 		0
0
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:19:29 GMT
content-encoding
gzip
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1502
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
1G55UO_NJlHkxlOZKGjJp8gxsOI31PXWE4oKz1PtneY_v_t7QKjR2g==

Redirect headers

date
Wed, 23 Nov 2022 20:29:06 GMT
via
1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront), 1.1 69eaf3b14624853f73e8b23e5e76f49e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2, SIN2-P1
age
33323
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
Oim_v6u7RxO29DPe2Wm3aj1VHwRomL7wIDqnl2bHknOE946cONRh1A==
AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Mp-ztVbA42R_MYt1YwjM9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Mp-ztVbA42R_MYt1YwjM9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires
Mon, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 687B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
106567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 00:08:22 GMT
expires
Thu, 23 Nov 2023 00:08:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
query
global.cloud.netacuity.com/webservice/ 		578 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.182.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-182-21.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
d4978bc4436776f89cbbb158e18b8981076e6df5fc794f947c7af14c10e1df9d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Nov 2022 05:44:30 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
content-length
578
content-type
application/json;charset=UTF-8
footerad
fundingchoicesmessages.google.com/f/AGSKWxV05ZL6ZKZ36fNi-Q9mEaxAf1NO1IorHyp9vj05FokwvxadoqVtlOmXaZdLDaMiD0VS1NDn4LZuDWMcKroLCp1X3Z-t020Im9xYNGwcQa8EkICV31Xl3nT6Mlhttpx00mi-S7Iq6KYJzOkuPgdWkIu3XshGC... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV05ZL6ZKZ36fNi-Q9mEaxAf1NO1IorHyp9vj05FokwvxadoqVtlOmXaZdLDaMiD0VS1NDn4LZuDWMcKroLCp1X3Z-t020Im9xYNGwcQa8EkICV31Xl3nT6Mlhttpx00mi-S7Iq6KYJzOkuPgdWkIu3XshGCdYn1KIcuL-zCIFRK7Xvxzioq3dIpc5I/_/delay-ad./480x70_/footerad?/adv_link./eroads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB._zOUwiSZoD8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxeTRyuDR6pcl1eLLO3wTw1ujoqfA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
6bfbec53dce88d3ab3cf41e150c117f338e405625164be29daaf5d917cb2fff3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dq9X2YZ4gSCMApKLy-gIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-dq9X2YZ4gSCMApKLy-gIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB._zOUwiSZoD8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxeTRyuDR6pcl1eLLO3wTw1ujoqfA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23357
x-xss-protection
0
server
cafe
etag
901223051904315509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:36:58 GMT
AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RXXSL2u2ca_8HrJF_A6Hsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-RXXSL2u2ca_8HrJF_A6Hsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 687B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 05:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 05:13:43 GMT
file.mp4
r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 33EA 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ntq7ynle.c.2mdn.net/videoplayback/id/4d84b25e4f01b0b1/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794471770/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B894708E55269279455CD806586C2ADB4BF0112.0F5543AA901A44C61BFAF2E29A99A75C14C4610A/key/cms1/cms_redirect/yes/mh/8U/mip/116.90.74.202/mm/42/mn/sn-ntq7ynle/ms/onc/mt/1669268235/mv/m/mvi/1/pl/24/file/file.mp4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.109.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s21-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
32acee589e4607dc785778afceed99b64c0ee447b43018dd05ca37d585023724
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 24 Nov 2022 05:44:29 GMT
date
Thu, 24 Nov 2022 05:44:29 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2222709/2222710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2222710
last-modified
Fri, 15 Apr 2022 11:55:07 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
client-protocol
quic
view
securepubads.g.doubleclick.net/pcs/ Frame 8941 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDFv4FZntnxB0qJ50Ro3SSTeyyFwe2iJzn_3k4hbQsBf8HHxEc6TwLEjBzSoBRmiYFA6F5U5zTGuuxQVgqOu9PICdnjsqeoLOnMygdpi_iLaLxjoD5RHbifohWyb5JXwWkvqMQDc42wnivYq5h098pXHOnb8DlksE_llyFF0Sb9YdLHOj0DajE2vgSgDFQhXL05Nhh6mPQ9ELQ-6g9k3m8HYJOEfA9pMEynC8FbrKJ6C0yjiEwWxc3UyA_aSaMa8zlr0H5144urJiW4r6SoGqcOmL60aD509lT7EDthab19SfdfzfnFTzcj-dPzSeHNgdVOi2icD_8vB5I318BmwwmPhwwyGB1eOsrMiFu09Ko7S-P_yj_Ug&sai=AMfl-YQhfEpNt0FjnOP6AuSnxJs9p5_KfRYGpCshsRQW-OClp2mVIie0QdWWpGflggLrGiLX3LIuKhzGiaSvvKTaVmJcuAbGezhq0mdiRQXEIC56Ns8PZUnOiFsNcAshC7qG&sig=Cg0ArKJSzDy1hYagk5d1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:44:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 687B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYANBuwR_Y_igN8Ha9QOs7ozYCgAAAAA4AeAEAg&bg=!wsGlwYXNAAbvMpMzzzI7ACkAdvg8WlQVfCXXN4UfYDZbEVJ7Y9xaOVGqTCIa6YPuVZnQ7fkyiOAx1QIAAABoUgAAAAJoAQeZAvPIo4B0B7B3SddbnuPLdTGW1fcwubaBx93qdn6hj5iFv1HLHMYnN5SmvKsJeEay2WroAW58ryzfUkJkADMXhBNQNXc84ZmmVYkezQNPTTdOfiSDY6_Mtkul4x_T0N0qXGYDcKsFazNoOnX6aC9ulZBEDei5TdKB1SqhhbYT16e_igoZ3RZ1jdVcRdAtSUSmlngEdF4yYiVl2PjsjXcm43_fP4xjae8c-CLIVhmOWMCtS9an60QvFiUzCcSeC-VIBy77nQCfZ-5chehZt0Ji4XDpxOxXKOy8KT-Hx2F6NjJLn8OLdRJKFswg63-Rgq5YTkgLvZMsLhstjsBchLb8_8M-qQMrXaqibUFxwceT39VyTfNNgfnxwIOUgfmjxl-xbQuTOPUcQQJN7YgGovEpg21AaoyrtlhUdOeS_W9PJtHk_KyKja-kEtSbHyuJFlZjjy8_2rk8d46jtIZs58MsoTAr1dMbk-RWuiWhkFem_hu-kF35sPOIioYjJOhEkHM1koNWbPP2ateJe7_6KVCb7-sEniGQSs6y1qxxdf4Ul5LRYxErkonwHDvuBVtXqpA0xEPbI70QhuhZOasECZ-2wJCHfpez-Cl0uH5fzFwI3o4DpnCCWSlWybqc6Q2MnKr2kFgkTu_fzE-kgXSN4Tmt0ffxAcoAO5CdOrrrqDJG0rCVH4Fcervqa-JE5rMkZ527fSDXbxzL4PncKOe6auopBttjKvVoS8TSwo1Gv3o-j-cTAefzO08tg2aDZm_RomC1cu3nSv5Lowiqe9m4mKwXYiOWmpCJyskxiw61_GuL8RQCRhdxH9YpL77dTQwmEsOwQ3CGgq_lT4yIL9LAd9wcWUtizApw_rsTjbcKWNNk0F-3M5VKn00nqyZWDQPehtQSPrOU8p45ZaJgSKxEL-5-zq9nURpvV6Je1SLjZ_Gt_7ach-LKGWT8rjKt2a-QlZfsu3HIwb5STDokYexr_vjR7fuUdsunavKmCYJ_3UAZWukh3qs14A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CLq90kEUxxQt3_yAX0edA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CLq90kEUxxQt3_yAX0edA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X32o2m42L6ChZA-gePNSww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-X32o2m42L6ChZA-gePNSww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQIrxZHDYAvqnJvsfzLnIxofyfWTSWPOvfHVIkhQBiSbNXNctquI17L86HpacYjBfd3CSQduGF7JKYnemG-y3RuMmrFucbcqppIZmeWmVjCs4j8UJl24wIA4nhhqgDu9fPdj5vWA==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yl4nCjU2oiBEsfA1ifY-GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-yl4nCjU2oiBEsfA1ifY-GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6plef5qbmvtlKpH-FVG7Ud672-TcgebsV21OXkSpSR84fLOqrrSJJwKNdVqYSBqxm4RK_qHEO5GReLr7Qv7GiAJwPsODABlqlEVl36bpjoR8pYNyIgXgJrOGzBB1nmWnK4LbjNw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV6plef5qbmvtlKpH-FVG7Ud672-TcgebsV21OXkSpSR84fLOqrrSJJwKNdVqYSBqxm4RK_qHEO5GReLr7Qv7GiAJwPsODABlqlEVl36bpjoR8pYNyIgXgJrOGzBB1nmWnK4LbjNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY5MjY4NjcwLDIyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vaG9tZS8yNTMyMS8iLG51bGwsW1s4LCJfek9Vd2lTWm9EOCJdLFs5LCJlbi1HQiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB._zOUwiSZoD8.es5.O/d=1/rs=AJlcJMxeTRyuDR6pcl1eLLO3wTw1ujoqfA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
40abc4880772f110611607f0955794442d10f5c3fa1d61712516f86aa2e7cb71
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pQofNOByu9LkGpgwvTFeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-pQofNOByu9LkGpgwvTFeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 04:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
3596
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
csi
csi.gstatic.com/ Frame 33EA 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~laungrca&c=4748915468489&slotId=2374457734244.5&qqid=CN3vwq6OxvsCFRR8jwodN9wOGQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8941 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3lFFVxWeYd9s434oAUYYN_tvnxbPfbeypCGBf7DoNfBxqeIGmrxvEbcAgkBrbw4eq9cZqWSSahqgkrDy27LDCMayKvMU4xxR_Kn7hIrOVerIzQoQy&sig=Cg0ArKJSzKp_QB6sJ6xYEAE&id=lidar2&mcvt=4040&p=1078,1200,1303,1600&mtos=0,0,4040,4040,4040&tos=0,0,4040,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=0.54&vu=1&app=0&itpl=19&adk=3750302303&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669268665401&rpt=4172&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
Server /
Resource Hash
17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:33 GMT
via
1.1 69eaf3b14624853f73e8b23e5e76f49e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
pm7IHugsHWfpVGraqSN6h3S2KRvRPqPOC3yFOcS2zT0JVMIE2EchNQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
date
Thu, 24 Nov 2022 02:36:05 GMT
x-amz-cf-pop
SIN2-P1
age
11309
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
FBv8m6wqRB9dbYze2ra58vCMDoP5nYJ2u1aMVHCp3AVy64Uu8zWKwA==
AGSKWxVbJvtmi_QCuNQ3-G9FaI7KJfNJMFya9qaIJJJtgfCFlpXwn5Tj6laBvQlLg-mBf5DLL0rynumrI06v1uligG6OkwA5MxrDg7erUjMrhkItbSTINv-rxiWXDl_F5v8rfx2uI-m24g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbJvtmi_QCuNQ3-G9FaI7KJfNJMFya9qaIJJJtgfCFlpXwn5Tj6laBvQlLg-mBf5DLL0rynumrI06v1uligG6OkwA5MxrDg7erUjMrhkItbSTINv-rxiWXDl_F5v8rfx2uI-m24g==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eT0H8p2WsrWkspSCN9-KCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eT0H8p2WsrWkspSCN9-KCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Thu, 24 Nov 2022 05:44:34 GMT
x-amz-request-id
V5Y17RZ77HT6TDVG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9086
x-amz-id-2
9n2gzZfaGoergXqRkI9gW4xpPDXZxS8dI4FDeFLwdjmRR6VeRR5JouzLFTr4kxwxpMwJOVO5hcw=
x-served-by
cache-mel11282-MEL
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1669268674.435884,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
cbfc0f99fd06c38d44c8dddbf41c42296b32806b2dc0b4f23dee4fe5bcf8df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12449
x-xss-protection
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62df83fba04d0a0679329b97fef945e7de87ff679a9f28e03a32e45f5d50a687
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 12:59:45 GMT
server
cloudflare
x-amz-request-id
WDRS01NMX18SBGKZ
age
1558
etag
W/"1f56b56c871eb9078b183d4922cb0a43"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76efd55f8de1aadd-SYD
x-amz-id-2
VP9UpZmYVfI+quQsk+Oly75udUWdnwXqd/07wqGZBfPK9BV2G6/VPTOPqYLlMQj8QwPO9GxXFf8=
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 05:44:36 GMT
8f062114d3
bam.nr-data.net/1/ 		57 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=24550&ref=https://www.sanook.com/home/25321/&be=1123&fe=24074&dc=4715&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1669268649975,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:6,%22c%22:6,%22s%22:267,%22ce%22:791,%22rq%22:792,%22rp%22:1095,%22rpe%22:1357,%22dl%22:1098,%22di%22:1936,%22ds%22:4715,%22de%22:4719,%22dc%22:24074,%22l%22:24075,%22le%22:24086%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:35 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=iso-8859-1
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
76efd561bfbffb84-AKL
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
fe2b152d29d89e781da4d79d5a6a6c34d72246ab37c9ded4b4c9b781c711a974
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f3ab7ad779a09357ad2f28fe54f8872398693a62dc04bdce11e871b93b38fcec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 24 Nov 2022 05:44:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~laungt8w&ctx=0&met.9=1.6uq~13.7i2~2.8ls&met.3=112.fmg_1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 05:44:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
984.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0a1b52d7f93a3974851004c1d76f8fb17c707fb5213b8805a8f36e9e387514f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 05:44:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63D5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
77655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CCAD 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
GSE /
Resource Hash
1611e558f9943230ea9f16487b8a7cb29ca156d48816cc305ef99a0d843fc021
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iVmQlq1R1iNjOd9ZFEhVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-iVmQlq1R1iNjOd9ZFEhVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 05:44:36 GMT
expires
Thu, 24 Nov 2022 05:44:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 63D5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 05:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 05:13:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CCAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2302071209970863&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 63D5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?q8Ze1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookiesync
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/cookiesync
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/cookiesync
4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/cookiesync
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb46316b909c3a6c1451a6afd0525ba13f38471a3235411d913bd346c54659b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4516
last-modified
Wed, 16 Nov 2022 08:36:45 GMT
server
cloudflare
etag
"6374a11d-11a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKP9a9dUBnXwDV%2FuEtzWP0sEWwtHiE%2FSaqpu1LmRCv6rohiujub1DjQmcYkEzj58nhSv0WDZbSSVCuPDt3yMoboQZPJMoIlxOavHRd8e9YjreuD8SZ9upotIZpx%2FlMXruw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76efd582c82faacc-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/cookiesync
Connection
close
Content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2302071209970863&bg=!z8ylzIjNAAbvMpMzzzI7ACkAdvg8WuyEibLDUK8RvpnLJ-x75MhQLh3X6G4OKpy7E5y8o7V0sfVhLQIAAABfUgAAAAJoAQcKAKQOAAczSEvzTTsaKjHmRlZRH1nKcT1gniEOUUdAlScQKG8QcmpDVVkPRs7arEjso7KcsZNAdGg0YpTRGEPwtiRxQiqqfwHODfcq7dET1zOjalFWUpmjJeRpTrCgUuMd7Oz76qGHlmdbZB790yP7KQJ4tIgzBsWf1lVqp1qU1RgTcpxUHygT5-kJtubygpVu1QQERkLT_iL4sOQ3DycOi9bEi_H3r5kCqm-d6YPoGTU67hTWMtMPOTOWTyqOPsGsJa2cqID3FyEmgFRjh_rKv6ZLRYG7RyQPIRWOSCJNL5SG-c5MofpczDz0NDJqo5XIq3DrudMKYTQH1m4MkaFRmFYFbst2-ZU_YzLa7Y29lI7WXDLJxsU5lERegmmkynY0qWpVyJtOh5bgJwbtDndSIhjGnuNtyxoUr3Z8pZ5y2T1Op0wAM8Ne0NgXGW17D-yPvqtSkksM4IMdXCN0GNaw78EuoXqmD8l0NH5sllyxzNsHwawxcjL-hu5tuLx5ST9xYdqQuHWG8IGIihLpNdlbtF0WCol1230gQDjrsmg-UKWqgugCc49Zj0UHww5MYoN8ocYZNcHoBjj323gxv_r65YFE87DOtqkAKQlY838Qek0ftdrDaS0zSi4INJQteRUx-g7lnSEeONHQARmIUEFpofA8rK1_a6BHoYZ5DOJczeFH4QhRZkZjpQ9-EG2xUxwZnFYZfLXNrT5nywuFGejwyndnlaXZH95OK-YDPijmP6PREt0denSAR4Yu9jw-UwAtmA4NjjhR7z05_SHzuwzrmrUTQkpcLUnvWTSaF3k33oD1mc15MVov2BHrus0KMpj2rk3qDq6pQswYcXywTdbxrcvASSG128_xV2Jk6eACqg7xFLQP8QxQ-z6I3AVYlbhv41RMh0Utc9fHaIyS2g3K3xRES00kL573HbPIU4jloVfAZ4I3mcYSmDI59B-tCSyiu_YeZP1KbY5ed-7vDpv7KiY3N_2EVMQ7NTbjDb8d9u-F_FzqNFbchdqOb5rrLJz74Ph1xnNvpfBVHTYyCHStzWk7fpw0ZcZ0P9avl13TTf_XGZ9pSEBu6AfKMZ-ip5Xjf5iT6E2aKNtMpiRwzn_f3PR_GdXuBh33cLZ2FYS2mxWzER8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
idRequest
sync.aralego.com/ 		46 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20/%2021px%20%22Helvetica%20Neue%22,%20Helvetica,%20Arial,%20sans-serif&
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/home/25321/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
3f8ca6e73718830a1a16ae4509ef829eb2241c08be954a2e65e3fe8d63dd1ed6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 05:44:41 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sanook.com&p=%2Fhome%2F25321%2F&u=B34c9vDhLMuuBhwLUQ&d=sanook.com&g=59732&g0=home&g1=Suwimol%20Lucksaniyanont&n=1&f=00001&c=0.25&x=0&m=0&y=10244&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=15984&t=B2NDpGZ5KIbBx-JXkCuUjstCqOiwB&V=136&tz=0&sn=2&sv=p9sYmewfBLDrcl5xB7Edb3CnF3X9&sd=1&im=067b2fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 24 Nov 2022 05:44:41 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 203E 		714 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/cookiesync
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1688
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76efd5901c7aaadd-SYD
content-encoding
br
content-type
text/html
date
Thu, 24 Nov 2022 05:44:42 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYnj2ohi%2BPCMICxU94z82gSDw9XEXoxhsioPYdPlA%2FAr5RPDbIKi86ez4b9UpqLUTAr9DvQsqEsq%2F77G5NtLPi7tnxpsNPcC9pZi77b4Cc6boK%2B3rp2rJrBU%2BNhLCysAOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?usprivacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e15561ca-e827-3e25-ac79-d2a1f674c4a1?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Vb.GA.1E2oXYMG_tHpUd14Gug3BV4YNfAslFzAI-~A&redirect=
0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 203E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 05:44:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1401 / 449 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Nov 2022 05:44:42 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 203E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0fHsVacUcckNFOUspZDJYFMkh_zSZswvZMxp-a4zOvMy49Zhg6C6lVtpDNvrIOWc8qVU4pVeyUqV1cg30yaF7gRC18QwU9CSgFsBLshdETu9TaeZ&sig=Cg0ArKJSzIYwykyzYr7qEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=846659022&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1669268665243&rpt=825&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNM941onS2jx1R9FjtBzY-Yf5yzBzFJ3-bIWiEVRpT8KEHreRPmcSqj3jWvWnf56xlcTgd6JgBIsr4Ej1-ih18xEAuEWy7N_KWSGAVG3jmSTRadUiS&sig=Cg0ArKJSzI4HHCVVYc7lEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1669268666942&rpt=1214&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Vb.GA.1E2oXYMG_tHpUd14Gug3BV4YNfAslFzAI-~A&redirect=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Verdicts & Comments Add Verdict or Comment

610 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require object| _izq object| webpackChunk_N_E object| PWT object| googletag object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo object| Criteo_132 object| _comscore object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| Base64 object| __core-js_shared__ boolean| isLottoContent function| fbAsyncInit object| __consolidated_events_handlers__ object| __BUILD_MANIFEST object| __SSG_MANIFEST string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| google_tag_manager object| google_tag_data object| ad boolean| adblockTracker string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| innityDataLayer object| container undefined| _izAlt object| izConfig function| _izooto object| rvAgentPlayer string| rvApiKey string| rvApiEndpoint function| ResponsiveVoice object| responsiveVoice object| config boolean| splitTestEnabled boolean| splitTest_useGS function| GetRandomMsg function| getHiddenProp function| getVisibilityState function| isHidden function| isPrerendered boolean| prerenderUsed function| createCookie function| readCookie function| eraseCookie function| getOrCreateTest function| oneTimeTest function| trackEvent undefined| rvNotificationPopup function| hoverintent object| COMSCORE function| udm_ object| ns_p object| FB string| DataCollectionObject function| datCol boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| google_optimize function| cbGeo926761575 undefined| _grf_9626038996412485 undefined| VK undefined| ODKL string| Ct string| At string| cd35 string| cd36 object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 object| ggeac object| google_js_reporting_queue object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| _UA-8147095-6_sendHitTask function| callback29054997967495755 function| $ function| jQuery object| jQuery18306868500874955614 undefined| google_measure_js_timing function| callback6932428286367016 function| callback3839242735680175 object| _sf_async_config object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| callback5400330405151519 function| callback6020917113273756 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| msgData object| _cbm object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| google_global_correlator number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| netacuitycpde number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callbackand0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| closure_lm_443586 boolean| 74db08e7-499a-412b-8d55-513c1962618a number| google_srt object| _google_rum_ns_ object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit object| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid object| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value object| label object| debug object| adloox_pubint object| ignore boolean| apstagLOADED undefined| google_rum_values object| GoogleGcLKhOms function| setImmediate function| clearImmediate object| ID5 number| current_time number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard2 number| activergptbillboard2 number| time_refreshunitrgptbillboard2 number| nextnumberrgptbillboard2 number| newflag number| diff number| flagnewone number| passivergptleaderboard3 number| activergptleaderboard3 number| time_refreshunitrgptleaderboard3 number| nextnumberrgptleaderboard3 number| passivergptinviewarticle8 number| activergptinviewarticle8 number| time_refreshunitrgptinviewarticle8 number| nextnumberrgptinviewarticle8 number| passivergptreca7 number| activergptreca7 number| time_refreshunitrgptreca7 number| nextnumberrgptreca7 number| passivergpttower4 number| activergpttower4 number| time_refreshunitrgpttower4 number| nextnumberrgpttower4 number| passivergptinviewadrequest5 number| activergptinviewadrequest5 number| time_refreshunitrgptinviewadrequest5 number| nextnumberrgptinviewadrequest5 number| passivergptuniversalb6 number| activergptuniversalb6 number| time_refreshunitrgptuniversalb6 number| nextnumberrgptuniversalb6 object| google_image_requests object| request

161 Cookies

Domain/Path Name / Value
www.sanook.com/home/25321 Name: verify
Value: test
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: 6EC2A651.1
.sanook.com/ Name: _ctout45879
Value: 1
.criteo.com/ Name: uid
Value: d93a1752-a233-46bf-b01b-ff4076e57bae
.sanook.com/ Name: _sa
Value: SA1.2.2011867013.1669268656
.sanook.com/ Name: _gcl_au
Value: 1.1.260535345.1669268656
.izooto.com/ Name: IZCID
Value: 319f95ca-7ed2-4edd-b1b9-8c9068227a19
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sanook.com/ Name: _fbp
Value: fb.1.1669268657713.2108965881
www.sanook.com/ Name: _grf_vis
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1E48028b3b34e54fc5e4ee41669268657
.doubleclick.net/ Name: IDE
Value: AHWqTUm269rkpFpHOSh8ICLTdKpKDVkbofvyebZYhrSesMWiBICKOixuOuBOYGI1
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1669268659.1.0.1669268659.60.0.0
.sanook.com/ Name: _ga
Value: GA1.2.521977081.1669268660
.sanook.com/ Name: _gid
Value: GA1.2.1992378713.1669268660
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.th.giraff.io/ Name: gid
Value: 0TqyOWN/BLQJxgxzE3oDAg==
www.sanook.com/ Name: _grf_uid
Value: 367985734
www.sanook.com/ Name: _grf_cm
Value: 1
.innity.com/ Name: iUUID
Value: 4d0689ebebc4ce56596ccf5d7ad4691b
.sanook.com/ Name: iUUID
Value: 4d0689ebebc4ce56596ccf5d7ad4691b
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1669268660692.1669268660692.1669268660692
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 13990706.225.1669268660692
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9071320629402214573_ZVqgttiQsQcwEDMDBPUxqxoZtclS8YZZbN8Ah3fb72D
.th.giraff.io/ Name: nid
Value: F2r5X2N/BLVt6XttaD/3Ag==
.openx.net/ Name: i
Value: 898d3973-fdbd-0fba-398d-09cecb90cc33|1669268662
.yahoo.com/ Name: A3
Value: d=AQABBLUEf2MCEKLpebxq3bWR7Mjt9kKoJ-wFEgEBAQFWgGOIYwAAAAAA_eMAAA&S=AQAAAikL5wV7Ngv8BG1rM90YPaM
.innity.com/ Name: iGEO
Value: NZ%7EE7
.innity.com/ Name: iSync
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0683D562-871D-4C89-8C7A-213479BC869E
.teads.tv/ Name: tt_viewer
Value: 6a92eb75-ce11-43eb-bf44-3649e163d455
.openx.net/ Name: pd
Value: v2|1669268662|jElYiuvOiahI
.adnxs.com/ Name: icu
Value: ChgIvrdKEAoYASABKAEwt4n8mwY4AUABSAEQt4n8mwYYAA..
.adnxs.com/ Name: uuid2
Value: 3198578105936587515
.adsrvr.org/ Name: TDID
Value: 5991ec9a-6f95-4278-8bf4-53cd73b3fe51
.rubiconproject.com/ Name: khaos
Value: LAUNGO08-14-55KE
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIYzi2mfLHMgHXrd8oPN4aCbY1Lhp9WVJQx+7LG/aEoqVnZjrHq0R7Zcpj76PKZXj/hk5WIOeCMzHFfTQMKoUsP
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: xxl9uw7cwru
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y38EtwAKcMY5lgAO
.c.appier.net/ Name: _auid
Value: 1ldltZOaBUmqvVfVtwR_Yw
.quantserve.com/ Name: mc
Value: 637f04b7-95446-6f2f9-e4e5f
.mathtag.com/ Name: uuid
Value: 5519637f-04b7-4500-9b6a-7f6f3b1588d5
.openx.net/ Name: univ_id
Value: 537072971|5991ec9a-6f95-4278-8bf4-53cd73b3fe51|1669268663668778
.simpli.fi/ Name: suid
Value: CD47C018B3054D07B0988B6AD97255DB
.casalemedia.com/ Name: CMPS
Value: 5317
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY5MjY4NjYzfQ
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEcJ9n9zmVq5NGuIOI3d48U&KRTB&16514-CAESEEcJ9n9zmVq5NGuIOI3d48U&KRTB&23025-CAESEEcJ9n9zmVq5NGuIOI3d48U&KRTB&23386-CAESEEcJ9n9zmVq5NGuIOI3d48U
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7&KRTB&19420-CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7&KRTB&22979-CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7&KRTB&23403-CZwjkg-bdsMSliHAC5k5wlmdcs0SyiCRCsmHsbL7
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-1ldltZOaBUmqvVfVtwR_Yw&KRTB&23130-1ldltZOaBUmqvVfVtwR_Yw
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3198578105936587515&KRTB&23339-3198578105936587515
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2801637f-04b7-4b00-9723-1b83462d1c44&KRTB&16736-uid:2801637f-04b7-4b00-9723-1b83462d1c44&KRTB&23019-uid:2801637f-04b7-4b00-9723-1b83462d1c44&KRTB&23208-uid:2801637f-04b7-4b00-9723-1b83462d1c44
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xxl9uw7cwru
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%225991ec9a-6f95-4278-8bf4-53cd73b3fe51%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-24T05%3A44%3A23%22%7D
.rlcdn.com/ Name: pxrc
Value: CLiJ/JsGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5991ec9a-6f95-4278-8bf4-53cd73b3fe51&KRTB&22918-5991ec9a-6f95-4278-8bf4-53cd73b3fe51&KRTB&23031-5991ec9a-6f95-4278-8bf4-53cd73b3fe51
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y38EtwAKcMY5lgAO&KRTB&22978-Y38EtwAKcMY5lgAO&KRTB&23194-Y38EtwAKcMY5lgAO&KRTB&23209-Y38EtwAKcMY5lgAO
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CD47C018B3054D07B0988B6AD97255DB
.adkernel.com/ Name: DSP2F_67
Value: 373610
.adkernel.com/ Name: DSP2F_30
Value: 520869
.adkernel.com/ Name: SSPZ
Value: 136924
.adkernel.com/ Name: ADKUID
Value: A9156914857131033907
.ladsp.com/ Name: smn_uid
Value: ogqIhcRPDzV6eH6T3L9IBw8c_ZDZwPY
.ladsp.com/ Name: lum
Value: CJHeqcHKMBIFCAMQ0AU
.adform.net/ Name: uid
Value: 3744983394933995990
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~28gt:175w~28gt"
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3744983394933995990&KRTB&23263-3744983394933995990
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--PIt4apGRqZWV3Beavlod3RaSso&KRTB&23334--PIt4apGRqZWV3Beavlod3RaSso&KRTB&23417--PIt4apGRqZWV3Beavlod3RaSso&KRTB&23426--PIt4apGRqZWV3Beavlod3RaSso
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-66e8c686-8686-470c-6aac-7c996f219323.A7g%2BcwwTFC0em6YzaDeRlaGcR9UGUHuaYXSJ22HpIQg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZujGhoaGRwxqrHyZbyGTI3RaSso.CXMPVZV%2FTXTTSQFCfEqJewsw%2Fnm4KkaWDBdaOe%2FFNEE
.turn.com/ Name: uid
Value: 3762872818583033692
avd.innity.com/ Name: geo
Value: OC%3BAustralia%3BAU%3B%3B%3B
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: cd6c5d792c2b1d0a2f7b26898a5aa09f
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE4xSzZNMbc0SjZKMkwxSDRKM08yMrOwtEg0TUw0sExjAILkepYdIBoKAGKzCuA%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrmfZAaSgAAAUBwGf"
.sanook.com/ Name: panoramaId_expiry
Value: 1669355064495
.sanook.com/ Name: _cc_id
Value: cd6c5d792c2b1d0a2f7b26898a5aa09f
ads.playground.xyz/ Name: connect.sid
Value: s%3AcjFF-YkwB_GiR7WTDgWPSzYZSVjLvHG1.FySYTydvKtHlSGzjMF1ChkQfCGNZ5m6IeEC%2BO7x0U7o
.uuidksinc.net/ Name: jcsuuid
Value: BoYlq4lWAIsO2dd7knb2
.pippio.com/ Name: did
Value: XB7KhQJZNIDkL-Rb
.pippio.com/ Name: didts
Value: 1669268664
.pippio.com/ Name: nnls
Value:
.bidswitch.net/ Name: tuuid
Value: 33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2
.bidswitch.net/ Name: c
Value: 1669268664
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7007434875126765404&KRTB&23150-7007434875126765404
.sanook.com/ Name: cto_bundle
Value: jeaD_19sVmJOZDdIODV1ZTRNOCUyQjElMkY5VExyYmlxMnNPM1N0Wm5ITERCbEN1RjZuSnJ1azVITFhvcVVCVCUyRm4yQldaQXNJJTJCOGhYM3NZSzl4b25VbENRaXE3aThvN3JVNzRsa2tUbFclMkJGUFZiNGlhSkk1UmgybldPM1V4YWhBTGFUbkFXVE1RTkRnOXhwbjlIS3czS3VUaWVQVTJ3JTNEJTNE
.sanook.com/ Name: cto_bidid
Value: ZgFIrF91ZUg3YzczVGNLOTdrbUxUV2NWbW9yQ0lqT2NxNkVRdlBieiUyQkgxSjVqYll1ZGYlMkJZcGk5OHI0U2x2OGpBTmlWTXJ2TkpEaHZIWCUyQkpRVnVJUWhsTkJMeTB4U1JQcERqWjFKWTlaakxadXhMTSUzRA
.dyntrk.com/ Name: dyn_u
Value: 07030001_637f04b8d3d93
.bidswitch.net/ Name: tuuid_lu
Value: 1669268665
.dotomi.com/ Name: DotomiTest
Value: 7020947fb7771b23
.hybrid.ai/ Name: vid
Value: 6948bd2837139bb6894f
.adotmob.com/ Name: uid
Value: 0869220419bddfe4759b696b
.adotmob.com/ Name: uuid
Value: 0869220419bddfe4759b696b
.adotmob.com/ Name: partners
Value: IX%3A1669268665291
.yengo.com/ Name: nid
Value: F2r5X2N/BLlt+HtuKEFrAg==
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 155976:4
.pubmatic.com/ Name: DPSync3
Value: 1670457600%3A201_197_226_245%7C1669852800%3A164_248%7C1669334400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670457600%3A204_214_234_247_231_220_54_22_209_5_107_3_8_56_179_165_176_13_71_21_233_96_99_238_7%7C1674432000%3A69%7C1669852800%3A15_223_2%7C1670112000%3A63%7C1670544000%3A35
.pippio.com/ Name: pxrc
Value: CLmJ/JsGEgQIAhAAEgYI7OsBEAA=
.sanook.com/ Name: __gads
Value: ID=f57c3744a56ae2c8:T=1669268665:S=ALNI_Mbxh1-DaNBwkynnpGRd9wG3nyg-Jw
.sanook.com/ Name: __gpi
Value: UID=00000b824b065f36:T=1669268665:RT=1669268665:S=ALNI_MbrXMZs_BWWwQ3_gctlYdkaFS6bug
.casalemedia.com/ Name: CMID
Value: Y38Et-H7.P2A086OIfb25QAA
.casalemedia.com/ Name: CMPRO
Value: 5317
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALpApWdimy0AMnWzKsAAAAAAA&KRTB&22713-AAALpApWdimy0AMnWzKsAAAAAAA&KRTB&22715-AAALpApWdimy0AMnWzKsAAAAAAA
.a.th.giraff.io/ Name: s
Value: 2841950:653786:2841952:653786:2841952:2841950:2841956:653805:2841953:2841954:2841955:2841949:2841951:2818124:2818123:2817821
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.sanook.com/ Name: _cb
Value: B34c9vDhLMuuBhwLUQ
.sanook.com/ Name: _chartbeat2
Value: .1669268665950.1669268665950.1.p9sYmewfBLDrcl5xB7Edb3CnF3X9.1
.sanook.com/ Name: _cb_svref
Value: null
.amazon-adsystem.com/ Name: ad-id
Value: AyGK4MXdfUvroI69K5r_ooY
pool.admedo.com/ Name: tuuid
Value: b5488070-4332-48dd-8be1-941799492168
pool.admedo.com/ Name: c
Value: 1669268666
pool.admedo.com/ Name: tuuid_lu
Value: 1669268666
.linksynergy.com/ Name: rmuid
Value: 72c14ec7-0ad2-4840-a507-bcece64ec10f
.linksynergy.com/ Name: icts
Value: 2022-11-24T05:44:26Z
.tribalfusion.com/ Name: ANON_ID
Value: a8nsIHw5EGjAaINQeEcZd7gaKJauIWOLvmIYGbSMtuUoVZbYSpUnwSDnlEwOwDij8uMBEtpXNEnoG3fRyTiFXu03Zck
.smartadserver.com/ Name: pid
Value: 7657113909547014226
.ctnsnet.com/ Name: cid_fd7479c872b04a6d8ad20d6f92d37e0e
Value: 1
.ctnsnet.com/ Name: cid_f0aed5e1b065440fbc1d0dd287fdfd72
Value: 1
.ctnsnet.com/ Name: cid_8d5bacd923fd4ebcbe6162170de339ca
Value: 1
.ctnsnet.com/ Name: cid_9d1bc55b6c144491a26e2bf1b04fb22d
Value: 1
.semasio.net/ Name: SEUNCY
Value: 817DF5B6FC56CDA0
.tapad.com/ Name: TapAd_TS
Value: 1669268666604
.tapad.com/ Name: TapAd_DID
Value: d413f4ce-073b-4fa1-b335-bdcecbcd182d
.rlcdn.com/ Name: rlas3
Value: B6+GmxnqOvFY9mJL+kaOviZgECikfE0yq3pKCKmzYho=
.w55c.net/ Name: wfivefivec
Value: FaAJvaKv1OY52a5
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-f0aed5e1b065440fbc1d0dd287fdfd72&KRTB&23139-f0aed5e1b065440fbc1d0dd287fdfd72&KRTB&23328-f0aed5e1b065440fbc1d0dd287fdfd72&KRTB&23427-f0aed5e1b065440fbc1d0dd287fdfd72
rtb-eu.andbeyond.media/ Name: ADKUID
Value: A7537983864338538441
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-33e8fac6-aa9e-4dc9-b58d-e1a185dcb2b2
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:FaAJvaKv1OY52a5&KRTB&23421-uid:FaAJvaKv1OY52a5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7877
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: SPugT
Value: 1669268667
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004%22%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI0s-6m5_6pjsQBRIUCgV0YXBhZBILCLDYpref-qY7EAUSFQoGZ29vZ2xlEgsIpNDxxJ_6pjsQBRgBIAIoAjILCLDQqeS1-qY7EAU4AVoFdGFwYWRgAg..
.quantserve.com/ Name: d
Value: EKwBDgHTJ4EO-TA
.bidswitch.net/ Name: google_push
Value: ASkJ3Fa1a_W7srv66tt9jRmJV6VDj6yJmqWdnr1xn2q3YdQ2S_ya8Q22HBvxbGxRo6mFSY3WK5FMWW8vTBUT2cqhxyhc9DmKSv9E1Op3vr-abXFDC1gs8EbrQuHBVbqGy6rZRXaYfLDFQXiz
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004&KRTB&17107-RX-7c30c968-db8c-41ae-b6b4-46126cfe7109-004
.pubmatic.com/ Name: PugT
Value: 1669268668
.doubleclick.net/ Name: DSID
Value: NO_DATA
.c.appier.net/ Name: _gu
Value: CAESEFAlJllChRCzj4p7yAY0XGk
.casalemedia.com/ Name: CMTS
Value: 5340
.zemanta.com/ Name: zuid
Value: UVapJNBgguBQ4o9of5Rq
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9r-LSVTFjDpLkb5hLdsNzs-9HG_3kAdh148DKkPDL2kSJVVzEADGY8Ug347bpN6mdg9VgE9fBxwiu-rnLzeWxzN5MArL_NGdkiOjPVEUcPCz0q3eVKYhjmeGimUEDM39p7XtGfQ1jp9aIcjaKTC_Ujp0MHjw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.nr-data.net/ Name: JSESSIONID
Value: 883cc1b1e39afbf7
.id5-sync.com/ Name: id5
Value: d3ec1e71-06c8-442a-9e94-153f0f169f4b#1669268664898#2

5 Console Messages

Source Level URL
Text
network error URL: https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fhome%2F25321%2F
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.sanook.com/home/25321/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ssbsync.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.teads.tv
a.th.giraff.io
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.nz
adservice.google.com
ajax.googleapis.com
analytics.google.com
api.rlcdn.com
appx.sanook.com
as.innity.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.indexww.com
cdn.izooto.com
cdn.th.giraff.io
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.th.giraff.io
code.yengo.com
connect.facebook.net
connect.ok.ru
core.iprom.net
cr-p3.ladsp.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d3div1mtym39ic.cloudfront.net
data.th.giraff.io
dd31626167c276297e6a56d55da8592d.safeframe.googlesyndication.com
dis.criteo.com
dm-eu.hybrid.ai
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3e53fa1d5f9481e3c3ea09a1608fb97.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
getimage-member.sanook.com
global.cloud.netacuity.com
gocm.c.appier.net
googleads.g.doubleclick.net
graph.facebook.com
graph.sanook.com
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-as.fsanook.com
ipac.ctnsnet.com
jp-u.openx.net
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lvs2.truehits.in.th
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r1---sn-ntq7ynle.c.2mdn.net
rtb-eu.andbeyond.media
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tags.rd.linksynergy.com
tencentth-d.openx.net
tg.socdm.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vk.com
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
csync.loopme.me
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sync.aralego.com
tpc.googlesyndication.com
103.229.10.247
103.229.206.241
103.231.98.193
103.231.98.194
103.231.98.195
104.18.216.65
104.18.24.173
104.18.33.19
104.22.53.86
104.22.79.123
104.26.5.103
104.84.172.224
107.178.244.193
107.178.254.65
119.81.192.134
119.81.192.141
119.9.108.180
13.115.124.23
13.33.100.164
13.33.39.40
13.33.88.55
13.33.88.98
13.35.19.109
139.162.23.100
139.162.38.30
139.5.84.243
142.250.4.149
142.250.4.155
142.250.4.157
142.250.4.94
142.250.4.97
142.251.10.132
142.251.10.156
142.251.10.95
142.251.12.113
142.251.12.155
142.251.12.94
151.101.193.108
151.101.194.137
151.101.194.202
151.101.66.49
157.240.217.15
157.240.217.17
157.240.217.35
162.19.138.116
162.19.138.119
162.247.241.14
172.217.194.101
172.217.194.113
172.217.194.155
172.217.194.95
172.253.118.154
172.253.118.95
172.64.151.162
172.64.154.237
172.67.26.199
18.136.172.50
18.138.18.111
18.141.93.231
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.25.221.62
185.183.112.155
185.84.60.20
195.5.165.20
202.131.200.84
202.241.208.100
203.151.128.145
203.151.130.247
203.154.91.216
209.58.178.57
209.58.188.181
209.85.200.94
216.130.169.24
217.20.155.208
23.106.127.38
23.106.249.95
23.106.69.73
23.23.131.203
23.44.0.196
3.1.14.27
3.113.156.50
3.33.220.150
31.220.27.134
34.102.253.54
34.107.231.31
34.205.101.114
34.83.125.63
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.213.12.39
37.18.103.22
38.91.45.7
43.132.80.21
43.132.80.30
50.116.239.135
52.46.130.91
52.74.13.196
52.74.36.190
52.77.152.198
54.169.203.49
54.73.182.21
61.91.93.41
61.91.93.46
61.91.94.165
61.91.94.166
67.199.150.80
67.199.150.81
68.67.160.114
68.67.160.137
69.173.158.65
70.42.32.223
74.118.186.45
74.125.109.230
74.125.130.138
74.125.200.132
74.125.24.106
74.125.24.138
74.125.24.156
77.245.57.78
87.240.129.133
89.207.22.105
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0099a79fd14c9c7f6306c7c0767279f4b53b37eb13d0d6d2a77d51d150d2d960
013841362f30983b4fd08ad270a68c146c10d26708cb41d419838ef369ec2821
02d87655ea57925a407344fb207920270b0f67db739fee52288dcf19c5cd23f6
04424cbb2eb9da61755964e44a25d7eede5c03b70f505690d7ee194f8803118d
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
080a24e8a5e804a8a87928cdd916cc8a716824759b6244499dc8c6c09b7d2445
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a1b52d7f93a3974851004c1d76f8fb17c707fb5213b8805a8f36e9e387514f1
0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2ca733d1698fa82a214299a9c2ca30d13fd895320613cb4dd000dd5ed259cf
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a
1495c7cb4444eebcda5f008ee3df500365ba46ec49b4148ca95d44da5d747da6
14dc2aa36170005738abb3603f00e4fba515c105c54c1407f29e7036d297a2af
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1611e558f9943230ea9f16487b8a7cb29ca156d48816cc305ef99a0d843fc021
175669f8054fb79757d2b5c742e164601a9d9b5a690125ce4a3a8afd56ec4f09
17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e
17e8c8d4fe61b7fec5cd461b3b1e765ff00444daaefe52ffb79a8c6230cd2196
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19e13b08d97e0c77e8b042c297a7f129dd7c23644aa890d59d6327c4bc1f0ccb
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f2ab1dff23a9bdf27eb5500fcac9245201cd1021d01b623894ec3c6012077f0
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fe5a6871f4b3be10203452ab3d84986719e3e0908b6dec7320a11b2e5c99cf0
203cd9863a5fa20e8871c5ae97b1752c0025984a980f2f3957ae00b258e87bc7
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
218f3220f1e46f7d858f45c146e361f9a8a63337a0960df49cdcabd43c7b13a5
2267c122ec0dda33597b1c2b0507c64b8bdba8400ed9e3f47de4d1f436d83f9a
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
23f6b7576d03900e1ea17080e9019b032de26273914d90ca6008b83b9e2cd7fa
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
28b09bd6e12d72caeeee6dae10fd9c3e8d6d3491c417e6fb3913e985dfa430fe
2a2d868a2caabd0011af12d9e9834c8fcde223d0b440dd040f9d6165dd7e860e
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c798a47254246a3f38ad7bd8c61e8b3e6e43836ec2093230f75fcf0e73c7064
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f461c583013080072414b5a3d14df743836c584712ba1aca8840ccd36e5e460
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3020093e634ce3e78925ff9fc55f11ef0699d7b609a647eecb6321f3c6e42d22
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b1e7764fe82e6cf6d1a1c1d94216463a49dca8035e7ebd8960b41513995209
31c63b0033df6ca33ccf1d4ede2f8f18caf06653947376fa6a07df3ac9500e1c
32acee589e4607dc785778afceed99b64c0ee447b43018dd05ca37d585023724
346463599018e0f2d04fe422bb559325382b21b8e1d80cec3f5c9fc8875fef0c
346b865be50e9cc743218381994c3acc06e7b6d144a39811f760a904f36687f2
347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65
348b1bd70e7d51afaa06fa3fa15fc8c4c61842c1563ae4e8d3b6c44ca53b5354
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
3609f7ec58d2e4536a4287ccacfd71b0f1785da88eaa76a1606ff921c9a9067f
368ecfaab02401dba8ac6ab9431a1a3aac05520d0d3592b2aab6bbeacacb3832
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
377fc815a99013c89474ff2603750cb2b3453bc23abb65fc635aa9e8b6dd47eb
385addf3395866c92278f92a99cd094fe889793887f0d4b02ae4b53a7e4cbe9d
38a7230d2869354582432fbb7d59dec1904c655012461a9ee5ddf38aa89e7541
38c831bcf8b9a155164e37dc892ffd80dd517c3cf788eeaf007a43009c2347fe
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3a4159783a00aeceee8f7829f2c50c7fdf8401c2110710074e789a3fc2ad615c
3afa96e2dae5339871a96f936a88668f9d561b3c0990a22c04cbea60370e3201
3bf08fa276b337a651a3674ce5afa0255458a49658623644c656c2115bd8557d
3cb9d710b64a5f785a25b5e7d157a4eba6e9d86c24fbd088ccdf71120dc30925
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddd01b8d94bd6bbf8c28aed4085e148dd8ced6efafd10200290be4094387ef0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edb7407fdf0f86e7eb5ad8b29c67861890983c5c051e9f7ad0cefe44fee7710
3f8ca6e73718830a1a16ae4509ef829eb2241c08be954a2e65e3fe8d63dd1ed6
408d7c817bb914e45a637946c84034557c79acba44f7b0bb3d95d23a992859a2
40abc4880772f110611607f0955794442d10f5c3fa1d61712516f86aa2e7cb71
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
4291f90b8ec57434058ca86221ad072e2b06f1a5ef3eeb798cc2696b7b792d9f
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b
45b5fa3e374e32a63cc6da5d2e658a5ca953087ef76af2d16a28d06d8ea4ce61
45b8b11162e358b831e2ff38bf07599644b58043df4b4c1f36aa96729cdbe0f1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4b302b2715068db522ce00a944ac9e8e30153217d0f678c014b6dd7d6a92feed
4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb
4baa7a19fe60390667c7f8a64cdc0577a34dd2755a5609b1d7b2454584955d71
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a668fab0efe7a5e31290bf21b2bcc40554b44c3556aba9a2e4a60b38bad6a3
5110aab5d36edcf2017880c9c458460e7bd680a0f68c0f74bef3962a572e7f79
53ae2e57651ab2a877cbdeaa9177e247613676965241bf997ef2a00618f13636
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5408d99b4819f12579759ffa8c61c2364efaf48c63eff86a5bf7e0eef140faa0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f28896954199de4b7f4d570a152f04844bfa027034442d9a99c26937c3924b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
57c7b404ca9d387f220d04139938336cc7f030ab8686904d294723a95255fb5f
59fe0bb62ab5181c6615cef1eacc5d372eab0d0fb8dcdb298b774297ae96f1ff
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5b8d469046c33ff85af2edfe4225d0e3b241c3ca53bb568f2e06237167c2cf0e
5bcb9c7a857a6e8cab83d06ca04f9b6ce57c9418b0c3295e0803bf3481503859
5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186
5c9ffe1bfb0d4ac195af879d7ce333dde2534bb66d93e990d52c421891d8b746
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5eb46316b909c3a6c1451a6afd0525ba13f38471a3235411d913bd346c54659b
5f21698aa6edc1e7617e25ab5d6ed60285c07287fe98251b04dcdaeb7161d1d1
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62df83fba04d0a0679329b97fef945e7de87ff679a9f28e03a32e45f5d50a687
630ac1badd97b04a0e75524dab05f2dc502692e58611d77a99c6aa86abaa092f
63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482
63d5f7ba292588f45c5ea9269887ff650d5a291f91b474009ec5d3031df5bc8a
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65c5b10fbb5cc680e30d8fda1446fa2e055692d7b35522a5263f800ba3e6c5f9
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
6947c2fe1514ddbd1533c2de0e02e8e617133d845d10426893909dc7255e8838
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
6990cfad4e4132146ad6698cf9d4baaac8ee207b92a603d47be091f77a882bdd
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6bfbec53dce88d3ab3cf41e150c117f338e405625164be29daaf5d917cb2fff3
6ce0dcecdaa6d3ab36ea92b785c05ab7521a7eb5e2b98a6987cd16f72f7e6985
6df3fae0f95fcbd6e771bb55bf0115c3d1f29cf5f68ffc965cc0ba3188a697e4
6df794147891582a1b2206cbc0db006cbef4bbd41ca371278a67658a1fbfca9c
6efc3688c28ee7b57861ec7a9d4bf85de6af635d47ffae54a8a1369ca300843e
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fd36494170606224d58be155db93df5922162d648b043654edfcdbaf329e422
706aad9686a49302c1b1f349c361b2dde32254423c107d07126887cbaa13c0da
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
7340c8ee92ceeab2e41ed0d5fce789dd64f636c34f5c2afcd0b673edf082c734
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b
7370f526ceb716db8adcda4da04b867b68190adb6976c1ba6563d9cf4253efc2
76524e1b1f42f4d5fb1e1bc3d43025d582f2a92a1a5f18df2d6207e6b8ac7be9
7874f5de129953916f7fff8debfc15f90f17e8b8138e209c93368106cfb24a95
78e4078db031930768b60fba5c4b789a32356dbdf7a26c8bf11cdec73441d040
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b
79ca99992912bb6fc4380d9ac2e572c7ebfb50d429b8fad75741a8e866abb3d7
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a20b2f4c95a6a55487856ff1dc3f2649ced5aa8bbd3970907cfa4554dd1c3bd
7a6ef10f6238d90fe58fb1a1c351da8eae76a7137f090615d7df3ce31887deb1
7bdc45d292bbe8e85ae5a88d1a20af2ec993bd5874b023640b09d78962336b24
7c102a48d14ffcda0802c72ae0f0bfdda3860045ed09e6fba3f0328b05948592
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a
7f286e834c74c5cd50fe25466a3f2715da037725618fc59f0e63d9e61c9b3103
7f858d2bff3b98fdad47ee09915e4bb07e717e2e1d693edf309fb0489c6c4857
7f92983638b4a71c8c67844f3af4d823315e90d34ca35768518480885f8fa164
828ea8a4db6e5efedf4976ec59e47ffbbd53240fdc6540994c4b9bb96d3d76ed
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842d8a1bd674d2f6b14e0ce31cbd6a5c08130d0435eb8a2d0b367c725f8541e7
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85a00a5b4fee097fe191dbc68564d9601f979f3ceced79ffb8f222348d4a3586
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
880b0eaf4249b9e136ff923665d40fdb50e83e0c2ba219dcd911909c4d84bf3c
88840e806afc7ce7aad50351671a625b05f5ec3cba018f2e4697a5e1a4fe2f12
8ba8171380d43be26900bdcae86dc40db782f43072fba0455adfcee3a1ee517d
8bfe1221f9763250929302a409013542ae31afe1cc59a9c038b76e6dd9f1b666
8cf25de203abd48ef83b4a2591c1648b0bab022fb93a131e7fc0255a68b9f555
8ec2411a1dcd8916beb0d3cd70561f558f77738ca712b610e1c229b10f9931ae
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2
949ccd2a2c011dab797e079fd241c79bc668e728a8c2f59970deaffe8eb5a436
9559b541e0932088ef9971d190c2abed6f794b2964183b219f996b9105dccd49
961d229d175028fbfd3d00e81feb209f7387faf364b214e228fa13d49cded016
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
977b635e4f21c6cc0272daeb93becafa24da94f3f20747263444219819741301
97c533d96bd5b606c7151b9f954806d15d733e5fda4f2b18a8d64e5849bb7b04
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9d3626a3bb3438eaac74866467e001d50480e6edac1b89cb7bca3c0ba79f1850
9fd5e958d77db522d4906ea4727d421705192548c201717ab75dbde7de246f5e
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf1553e65e0b64856339698b2521d5fc3efacd32246077ffe355fc2bbd7715
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5e34c156a41f3fee11294483ad0c2d7386cbc6ade84df01c240671a39ed419c
a783b176ba9b61940c1c7b8707ad1be51a62f3e83e46f97352fd5cf913fc19d7
a7c3aafa4ecc298cc3f841c0db323285ccaf4d4aa8231a5126476e1945264ca2
a86e6dd7602f02e4cbcb0a4192762244e477043a27d302a3d822f11943963cec
aa4d15417aa5ae19e6e38483286610d63dd7f3235f95838d5262549ea2fb7216
abdcbd0e60f62a50b0d3271f92f39525074c9fca5339df5692b764322a2dd2ff
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b062d4a52d40ebd9597323242db21ecbbea36a5240d605fb4b2e303e5c927180
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b13a8ce91bd924e4bf2322eea90ca70b294b4f2aa68edf0f12c4d6015af5ec6f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b0929b20623ba4c0bb366fe428f6bb4a82fbb7342a16cc0cdf5b81a7eec0a2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b719b12816ae6609a58830573b4f2bd5d410e4c6e83edb62c480066f25a4cf07
b75ad8c27a2ecc20985a96643700f81c729e27904a6a09ddeb813782b3bb1a54
b7d8b2d40caaca85c76faf4b8b9755236373e14030f7df968fc1d610191ec5ec
b926fc5a4899f8b35b315bfba6adc485e8b39f042de248af74aaa5b5b1036528
ba36f52c2f81ac88edd9a126c91c8028eeccf0a34fa695a55e9080d4ff8f7e50
bae2371550aa03e7f7941f8cae206a42431ca591fb78790b75f8e669f8507f1c
bc204af512175431ab95e1cedd21443df3ca379cc1eb41da8f316c1f82b7d058
bd57a61f43f28d380c82fb08466db41fa4ffd4113881ea4be957c9b03741f4b6
bdf905c84c6e5a3c201025266020539ceb820597c68014b31290f5eb897c1ddf
beb6d8bf79e492a84adf9823f91f1f9bc10e8186df99385c736894c4e6f7fac2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c384bd8a806ed39f853e719190fbb0931b24191addc2e90c04c6e0afe4aaa6e3
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c56e825f63aac9beb4c0214120319447a7f2ac3e216fb0fcfa10cab222ea732b
c6d3041c11f6a344cba076473fd517846b81951073d72800d4d99a067fa6fc2d
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
ca2371f835455e7a9fd0d0c5d4864395aacc3b64b828e98a608ef66294e87a0d
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1
cbfc0f99fd06c38d44c8dddbf41c42296b32806b2dc0b4f23dee4fe5bcf8df7e
cc03fff3559bbb3394df6072cffc349bf0d7efcba448b3e63daaa6a0801849dd
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61
d021bc2a53f6e00b6e9c304fb86b902a7b56fc6f557f0355fcec644c2cd2b26e
d061123736a05ff269fd2b8a800f730af3b7a97abeac5781000c192903bbf7fd
d06e6259246aa5177a050b9abb0c5e921dad8e858168ba6e2d786a261536f35e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4978bc4436776f89cbbb158e18b8981076e6df5fc794f947c7af14c10e1df9d
d4d385116b169a73dbb5b4954328b178dc4896de4afe21451878b15ceb6aa56e
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d796897ebeeb3a78cb892cc90935b28fc25b2021d6ed5584fcebd186a507e7ae
d7b00141f7aca0d55191a03fe992c364ad5a8ebb64693e8ec0812793bb4215fa
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8d21e31c01e70d6b42e44b60dafd8e5c7f2db23fddcb812035cb6400607af85
dabde4e9253aaa809f350e37347ac65d669447f9d23a391eddcde4a7ad941035
dc2ba1ee2b3ad0d45daa0260a95704b9154216e7f41e835afd8570fed2614fb2
dc6dcc1ad40d9f73e21fc4f091686e583c1329dbd478986aabe5c62272ce2904
dcf086f6590fd2971fd158cbc4ea57badce899e18960f4fbf1b769eb358f2458
dd11b08fe56f9908804f916c637d7fb159232f8185f7330df5d8a4e5288666ff
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d
dde449ad98d9cb902a2cebc6fa388800968da80fb823743edccb3aae0a144008
ddf10c8a7194c3db6494c341aba045de24ce3e0ef5a51ab88e92a7d66984172e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9db41ef9ab41cc0afd73264d33532091ddf10439462dcff3195e82f20650bd
e0d6657f2b9b741ab675706a2cba0e4822b8bed5c314385b85f67b0ee6f03acc
e0f2a1ee1b729c0d0f2c91bd7932130646b6fa4b4c41479a079935aa6d35cf3c
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e17a12f3211df9c07f38064a5806d3567805e58f9c259a5bb3007d3046a9928c
e1dd0373eafe520d6db9b00801e1fd69cb68717cd00c1fa5e3cb2cc3fbd4a864
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da0b609b1c66eafc28b4b85f98124a93f73af4dfee658b5d1dc5811b607d3c
e4dacb6915e2162721159f0956cb2ad217d1b669ead947e93e3dae99102d108b
ea553d138feb2fd371386abcc68318ef46cc0f04db4dbbc6b5daf05cd3ca021d
eb0d6fee256743adb2eb80be9455dfde6d4ac7d18509904a5cf2015dadb670e5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec372a515c260b7931eaeac0215a9ac5ef25aa0ad83047aeb26ce17f5641c2d3
ec3e73994240f1fa56aacecf547b95c027f99ca35407cd679e0aa609eb5120be
ed55328b88771cd195e70946ce7a63317abf0d171de1bb2574c54f4dccebcd79
ee1f10c640da0cbfc1e53539a4b99d3dcfba1c60ee29adcf3bbf5edf665395b2
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bb9c9c72b6f31a523adc1edc904fc5a8f2868bc10c4819de335d73501ce4ac
f17ea372ef0441be0906be0f0b9c4ebade3bb167443abcbaf4bb1823bf19703d
f3ab7ad779a09357ad2f28fe54f8872398693a62dc04bdce11e871b93b38fcec
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
f4d3664e9c8206462a5d8d3375f21ec961b0d45ad2a0909b8d162473064424db
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d088282ddebf12446b85eb6d90bff6d4f2fe3e165cdd7669f1c560424437b9
f74ce812ddb6dfd7e960b04ca7b0317f7cd0cf02bde402525241e6f4f5630e41
f9d8ca8fda463dbf8a16c3f002df03ccb938737e071449823681273fcd211095
fe2b152d29d89e781da4d79d5a6a6c34d72246ab37c9ded4b4c9b781c711a974
ff72296150ea01e17cfedef2f248a26d15d6e212e3542c2abc270347cdb9022a
fff7afafbc9cdd6af376ff7cfd3010750fae4fd9a9114d9b8e6e055cfc35a866