urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
203.151.128.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://webboard.news.sanook.com/forum/index.php?topic=16457944
Effective URL: https://www.sanook.com/
Submission: On November 28 via manual from TH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 133 IPs in 14 countries across 114 domains to perform 456 HTTP transactions. The main IP is 203.151.128.172, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 108824.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 203.151.133.19 4618 (INET-TH-A...)
5 203.151.128.172 4618 (INET-TH-A...)
4 151.101.193.44 54113 (FASTLY)
74 43.152.26.58 139341 (ACE-AS-AP...)
11 2a02:2638:3::3 44788 (ASN-CRITE...)
4 43.152.26.104 139341 (ACE-AS-AP...)
3 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.214 4618 (INET-TH-A...)
3 61.91.94.165 7470 (TRUEINTER...)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.34 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 23.212.201.53 16625 (AKAMAI-AS)
1 3 18.66.147.84 16509 (AMAZON-02)
7 23.32.184.192 16625 (AKAMAI-AS)
1 203.151.130.72 4618 (INET-TH-A...)
4 8 2a02:2638:3::c 44788 (ASN-CRITE...)
3 119.81.216.16 36351 (SOFTLAYER)
2 185.64.190.82 62713 (AS-PUBMATIC)
6 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
6 2a02:2638:3::7 44788 (ASN-CRITE...)
5 185.64.189.112 62713 (AS-PUBMATIC)
13 2a00:1450:400... 15169 (GOOGLE)
1 77.245.57.78 36057 (WEBAIR-IN...)
6 95.101.149.35 16625 (AKAMAI-AS)
6 35.244.159.8 396982 (GOOGLE-CL...)
1 2602:803:c003... 26667 (RUBICONPR...)
2 8 104.18.36.155 13335 (CLOUDFLAR...)
4 9 37.252.171.21 29990 (ASN-APPNEX)
3 198.47.127.19 62713 (AS-PUBMATIC)
2 65.9.66.97 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 203.151.130.71 4618 (INET-TH-A...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 185.29.134.248 30419 (MEDIAMATH...)
3 6 178.250.1.9 44788 (ASN-CRITE...)
14 185.64.191.210 62713 (AS-PUBMATIC)
3 6 52.95.126.138 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
10 198.47.127.205 3257 (GTT-BACKB...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
7 8 18.195.142.87 16509 (AMAZON-02)
2 2 52.28.202.91 16509 (AMAZON-02)
2 2 54.198.28.7 14618 (AMAZON-AES)
6 6 52.210.176.42 16509 (AMAZON-02)
14 18 172.217.18.2 15169 (GOOGLE)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 2 185.86.139.104 201081 (SMARTADSE...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 4 18.202.86.19 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.246.239.231 16509 (AMAZON-02)
12 23 37.157.2.229 198622 (ADFORM)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
7 15.197.193.217 16509 (AMAZON-02)
4 5 3.75.62.37 16509 (AMAZON-02)
3 198.47.127.20 3257 (GTT-BACKB...)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 98.98.134.241 21859 (ZEN-ECN)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 52.19.8.73 16509 (AMAZON-02)
1 23.32.184.180 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 95.101.149.233 16625 (AKAMAI-AS)
5 141.95.98.64 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
1 43.152.26.197 139341 (ACE-AS-AP...)
4 5 69.173.144.165 26667 (RUBICONPR...)
1 2 178.250.1.6 44788 (ASN-CRITE...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 203.151.128.150 4618 (INET-TH-A...)
1 4 209.54.182.161 16509 (AMAZON-02)
2 2 44.215.169.187 14618 (AMAZON-AES)
2 2 13.32.27.99 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
2 4 35.244.174.68 15169 (GOOGLE)
2 172.64.151.101 13335 (CLOUDFLAR...)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 2 35.186.253.211 15169 (GOOGLE)
1 1 141.95.32.69 16276 (OVH)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
1 34.107.231.31 396982 (GOOGLE-CL...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
9 14 69.173.144.139 26667 (RUBICONPR...)
2 52.59.133.66 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 145.40.97.66 54825 (PACKET)
1 1 52.3.98.252 14618 (AMAZON-AES)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 99.86.4.128 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
1 151.101.195.52 54113 (FASTLY)
1 141.226.228.48 200478 (TABOOLA-AS)
3 8 2.16.97.41 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 37.157.2.230 198622 (ADFORM)
1 52.50.121.249 16509 (AMAZON-02)
1 2 52.19.222.237 16509 (AMAZON-02)
1 2 52.51.80.54 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.184.49.101 16509 (AMAZON-02)
1 44.242.29.250 16509 (AMAZON-02)
1 64.202.112.31 23352 (SERVERCEN...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.32.185.192 16625 (AKAMAI-AS)
1 52.49.140.195 16509 (AMAZON-02)
1 18.192.146.238 16509 (AMAZON-02)
6 185.64.189.226 62713 (AS-PUBMATIC)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.48.23.67 20940 (AKAMAI-ASN1)
1 2600:9000:224... 16509 (AMAZON-02)
10 2.18.161.51 16625 (AKAMAI-AS)
2 162.19.138.117 16276 (OVH)
2 34.246.253.18 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 54.229.22.54 16509 (AMAZON-02)
1 54.78.136.71 16509 (AMAZON-02)
16 37.157.5.71 198622 (ADFORM)
1 3.131.216.228 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2 151.101.66.49 54113 (FASTLY)
1 1 35.214.167.128 15169 (GOOGLE)
1 1 64.202.112.63 22075 (AS-OUTBRAIN)
1 173.231.180.197 32475 (SINGLEHOP...)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.240.143 16276 (OVH)
2 2 141.94.171.213 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.55.120.196 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.214 16276 (OVH)
1 1 64.227.64.62 14061 (DIGITALOC...)
456 133
1    203.151.133.19 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 19.134.151.203.sta.inet.co.th
webboard.news.sanook.com
5    203.151.128.172 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 172.128.151.203.sta.inet.co.th
www.sanook.com
graph.sanook.com
4    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
beacon.taboola.com
74    43.152.26.58 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
11    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    43.152.26.104 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
p3.isanook.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th
lvs2.truehits.in.th
3    61.91.94.165 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th
sal.isanook.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
t.ocmhood.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    23.212.201.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-53.deploy.static.akamaitechnologies.com
avd.innity.net
3    18.66.147.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-84.fra60.r.cloudfront.net
sb.scorecardresearch.com
7    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    203.151.130.72 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 72.130.151.203.sta.inet.co.th
sloth-api.sanook.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com
avd.innity.com
2    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
6    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
19    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
13    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
6    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
google-bidout-d.openx.net
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
9    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:6a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com
1    203.151.130.71 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 71.130.151.203.sta.inet.co.th
dc.sanook.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
widget.nl3.eu.criteo.com
14    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
10    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    18.195.142.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.28.202.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-202-91.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
2    54.198.28.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-28-7.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    52.210.176.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-176-42.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
18    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    18.202.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
23    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
track.adform.net
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
4    2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
9    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    43.152.26.197 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
img-as.fsanook.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    203.151.128.150 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 150.128.151.203.sta.inet.co.th
apps.sanook.com
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    44.215.169.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-169-187.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
live.rezync.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
ws.rqtrk.eu
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
14    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.59.133.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:9000:2251:aa00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.3.98.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-98-252.compute-1.amazonaws.com
sync.ipredictive.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    151.101.195.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
8    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    52.50.121.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-121-249.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    52.19.222.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-222-237.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    52.51.80.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-80-54.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.184.49.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-49-101.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    44.242.29.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-29-250.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2600:1f18:612b:4232:d5ff:1540:2e33:3aaf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    52.49.140.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    18.192.146.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
6    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
3    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
1    23.48.23.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-67.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2240:f400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
10    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t2.teads.tv
t.teads.tv
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    34.246.253.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadm.exelator.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.229.22.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-22-54.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    54.78.136.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-136-71.eu-west-1.compute.amazonaws.com
sync.springserve.com
16    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    3.131.216.228 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-216-228.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.167.128 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 128.167.214.35.bc.googleusercontent.com
csync.loopme.me
1    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel-eu.onaudience.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
81 isanook.com
s.isanook.com — Cisco Umbrella Rank: 98372
p3.isanook.com — Cisco Umbrella Rank: 127574
sal.isanook.com — Cisco Umbrella Rank: 116862
1 MB
50 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
ut.pubmatic.com — Cisco Umbrella Rank: 12156
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
t.pubmatic.com — Cisco Umbrella Rank: 2736
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
538 KB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
463 KB
40 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
421 KB
24 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
criteo-sync.teads.tv — Cisco Umbrella Rank: 2580
t2.teads.tv — Cisco Umbrella Rank: 25995
sync.teads.tv — Cisco Umbrella Rank: 1403
t.teads.tv — Cisco Umbrella Rank: 2845
168 KB
23 googlesyndication.com
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
103 KB
23 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 23475
37 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
27 KB
21 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
67 KB
14 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
79 KB
13 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 161377
oajs.openx.net — Cisco Umbrella Rank: 1656
eu-u.openx.net — Cisco Umbrella Rank: 2753
us-u.openx.net — Cisco Umbrella Rank: 522
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
rtb.openx.net — Cisco Umbrella Rank: 695
3 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
106 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
24 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
r.casalemedia.com — Cisco Umbrella Rank: 1699
6 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
4 KB
9 sanook.com
webboard.news.sanook.com
www.sanook.com — Cisco Umbrella Rank: 108824
graph.sanook.com — Cisco Umbrella Rank: 145854
sloth-api.sanook.com — Cisco Umbrella Rank: 154506
dc.sanook.com — Cisco Umbrella Rank: 124330
apps.sanook.com — Cisco Umbrella Rank: 775858
44 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
71 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
26 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
349 KB
5 google.ch
www.google.ch — Cisco Umbrella Rank: 30247
884 B
5 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
beacon.taboola.com — Cisco Umbrella Rank: 21860
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
7 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
api.rlcdn.com Failed
817 B
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 32529
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 45513
13 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 46381
t.ocmhood.com — Cisco Umbrella Rank: 11204
13 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
260 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
797 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
679 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
547 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
878 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
536 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
71 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
899 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 160618
rtbpass.andbeyond.media — Cisco Umbrella Rank: 48614
187 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 95668
9 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
440 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
371 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
379 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
463 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
16 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2536
269 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
207 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
501 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
500 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
3 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
317 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2274
45 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2884
622 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
235 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 33127
580 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3030
400 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
145 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
536 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
885 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10529
265 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
386 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
141 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
509 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
188 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
528 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
650 B
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24339
4 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 28377
418 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
351 B
1 fsanook.com
img-as.fsanook.com — Cisco Umbrella Rank: 175318
87 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
554 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
961 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
443 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 48810
695 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
456 114
Domain Requested by
74 s.isanook.com www.sanook.com
19 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.sanook.com
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
18 cm.g.doubleclick.net 14 redirects eu-u.openx.net
www.sanook.com
sync.teads.tv
17 track.adform.net 7 redirects srcdoc
s1.adform.net
16 s1.adform.net track.adform.net
s1.adform.net
www.sanook.com
14 pixel.rubiconproject.com 9 redirects www.sanook.com
14 simage2.pubmatic.com ads.pubmatic.com
www.sanook.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.sanook.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
www.googletagservices.com
11 static.criteo.net www.sanook.com
securepubads.g.doubleclick.net
10 image2.pubmatic.com ads.pubmatic.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.sanook.com
8 x.bidswitch.net 7 redirects www.sanook.com
8 ib.adnxs.com 3 redirects ads.pubmatic.com
acdn.adnxs.com
www.sanook.com
7 sync.teads.tv 3 redirects a.teads.tv
sync.teads.tv
7 t2.teads.tv cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
7 match.adsrvr.org ads.pubmatic.com
eu-u.openx.net
ssum-sec.casalemedia.com
www.sanook.com
sync.teads.tv
7 gum.criteo.com 4 redirects static.criteo.net
ads.pubmatic.com
7 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
6 t.pubmatic.com ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
eu-u.openx.net
www.sanook.com
6 a.teads.tv ads.pubmatic.com
a.teads.tv
6 bidder.criteo.com static.criteo.net
6 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
6 www.google.com 1 redirects www.sanook.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 us-u.openx.net eu-u.openx.net
google-bidout-d.openx.net
5 id5-sync.com cdn.id5-sync.com
www.sanook.com
ads.pubmatic.com
5 ups.analytics.yahoo.com 4 redirects www.sanook.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 dis.criteo.com 3 redirects www.sanook.com
5 hbopenbid.pubmatic.com ads.pubmatic.com
5 www.google.ch www.sanook.com
4 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
sync.teads.tv
4 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
www.sanook.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
google-bidout-d.openx.net
4 a.audrte.com 3 redirects ads.pubmatic.com
4 graph.sanook.com s.isanook.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 sync.1rx.io 3 redirects
3 t.teads.tv cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
3 c.amazon-adsystem.com www.sanook.com
c.amazon-adsystem.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 avd.innity.com avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 sal.isanook.com www.sanook.com
3 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
www.google-analytics.com
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 beacon.krxd.net www.sanook.com
sync.teads.tv
2 lb.eu-1-id5-sync.com ads.pubmatic.com
cdn.id5-sync.com
2 id.hadron.ad.gt cdn.hadronid.net
2 ad.360yield.com 1 redirects www.sanook.com
2 dpm.demdex.net 1 redirects www.sanook.com
2 capi.connatix.com 1 redirects www.sanook.com
2 match.sharethrough.com www.sanook.com
2 creativecdn.com 2 redirects
2 rtb.openx.net 1 redirects google-bidout-d.openx.net
2 casale-match.dotomi.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 cat.nl3.eu.criteo.com 1 redirects www.sanook.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
2 ad.turn.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 rtb-csync.smartadserver.com 1 redirects www.sanook.com
2 sync.srv.stackadapt.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 cms.quantserve.com 2 redirects
2 oajs.openx.net 1 redirects www.sanook.com
2 cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.sanook.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.sanook.com
2 ut.pubmatic.com ads.pubmatic.com
2 t.ocmhood.com sdk.ocmhood.com
2 region1.analytics.google.com www.googletagmanager.com
2 beacon.taboola.com www.sanook.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 cdn.taboola.com www.sanook.com
cdn.taboola.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 b1sync.zemanta.com 1 redirects
1 csync.loopme.me 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 s.thebrighttag.com www.sanook.com
1 a.ad.gt cdn.hadronid.net
1 sync.springserve.com sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 id.crwdcntrl.net ads.pubmatic.com
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 hb.yahoo.net www.sanook.com
1 e1.emxdgt.com www.sanook.com
1 sync-criteo.ads.yieldmo.com www.sanook.com
1 ad.yieldlab.net www.sanook.com
1 a.twiago.com www.sanook.com
1 criteo-partners.tremorhub.com www.sanook.com
1 sync.outbrain.com www.sanook.com
1 jadserve.postrelease.com www.sanook.com
1 exchange.mediavine.com www.sanook.com
1 matching.ivitrack.com www.sanook.com
1 r.casalemedia.com www.sanook.com
1 visitor.omnitagjs.com www.sanook.com
1 cm.adform.net www.sanook.com
1 eb2.3lift.com www.sanook.com
1 criteo-sync.teads.tv www.sanook.com
1 sync-t1.taboola.com www.sanook.com
1 rtbpass.andbeyond.media www.sanook.com
1 cdn.hadronid.net www.sanook.com
1 secure.cdn.fastclick.net www.sanook.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 csm.eu.criteo.net www.sanook.com
1 widget.nl3.eu.criteo.com www.sanook.com
1 sync.ipredictive.com 1 redirects
1 prebid.a-mo.net www.sanook.com
1 live.primis.tech www.sanook.com
1 px.ads.linkedin.com www.sanook.com
1 p.adlooxtracking.com www.sanook.com
1 rtbdemand.apiip.net www.sanook.com
1 ws.rqtrk.eu 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 apps.sanook.com www.sanook.com
1 ads.eu.criteo.com www.sanook.com
1 5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 img-as.fsanook.com securepubads.g.doubleclick.net
1 js-sec.indexww.com ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 t.adx.opera.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 dc.sanook.com www.sanook.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com ads.pubmatic.com
1 fastlane.rubiconproject.com ads.pubmatic.com
1 tencentth-d.openx.net ads.pubmatic.com
1 rtb-eu.andbeyond.media ads.pubmatic.com
1 mug.criteo.com www.sanook.com
1 sloth-api.sanook.com s.isanook.com
1 www.facebook.com www.sanook.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 www.googleadservices.com www.googletagmanager.com
1 sdk.ocmhood.com cdn.taboola.com
1 www.sanook.com
1 webboard.news.sanook.com 1 redirects
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed ads.pubmatic.com
456 184
Subject Issuer Validity Valid
*.sanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-16 -
2024-07-16		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.isanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-10-23		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-06 -
2023-12-05		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-25 -
2024-01-24		 a year crt.sh
*.google.ch
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.fsanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-06 -
2024-01-06		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
itm.ivitrack.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2023-11-20 -
2024-11-27		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 59 frames:

Primary Page: https://www.sanook.com/
Frame ID: 2DA5443D9BF26FB0D38F257F9B1023AD
Requests: 212 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: D5561B38F5855319D06B8D0120BE01AC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 3AA913FC4F5C1E0AADEF48E9D3D14E42
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: ED78536EDAE394BEAE3DBB43F7DC68FC
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: DAD8AC9B2554259B56737ABDDFD455BB
Requests: 7 HTTP requests in this frame

Frame: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 497176B497CBA158CD6D251F3C7A6619
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 0ABA28D014448901B93968D3FD037838
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 8C4D69060110992E1BDC86C1BA8AFDFD
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A3EAF33530EF0C66ACD40B0C121C58B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
Frame ID: C6526EB86BBFBF2C933997CC0748AD07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2297806412148916301&gdpr=0&gdpr_consent=
Frame ID: 3AB81388F03C5F008993961DBFA66BCD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7306445381536970894&gdpr=0&gdpr_consent=
Frame ID: 3DA0D29AE35299E6B09315853ACFFE0E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 7E8A74241B940715664E30D428B3BE4D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
Frame ID: 90E21A35E26D470DE0187B01798F4A97
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADthE7Ky2sAABcPtbwCug&gdpr=0&gdpr_consent=
Frame ID: A821879E24CAC85AB3713B51898FA79A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU628bb0de99634e18b11c999b65ffb898
Frame ID: D1C5CABB7AB23F84205DD94F3893241E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgajgr7t2i8qpoDOvpabcLGkhApcjwQuiRvTUZrzPa48Dm_f5wVClbP6_KFxrXC4FTR9QRjKjCVG_9XFtGAZU9vpL4Mjjzg5ivSveUiVWDJmZic9_WBfdssVhTJpROGiscZ4CC0S0zBkQTy51Xr2XyaBBZ6iB9lV5FnuP56N8N2HlAviHPOT9laZbw5T3DE55IYfoACeVKUbOibYWPSC939PMtZr9EZvShjoWYxS51tQFnei9FgNzUGhE7FylVJQ_h2Qz0i6EU8dFyC3xvdSD-Lh4X2GjL36h7dUofXIUyhhfWXCfih49qVrmqVAlfxeUytIwMduXnjKg7M0jHHHVDcSZpEOV_9ZjwHHsoCFppDQ&sai=AMfl-YQh6f17p5vz7bB7qS9tXF3G8RmoRL3e7s0ho_4UhYmb0niDHI9vGRHbnaYeZF0n8K3h3LI9ncRC7WHWRP60KoSFaDm2y4xcgFnPMhuUUAaMk4ktjfCj8HtNYB_kWYDuQLg17Unk9STnJOzQOvqca5s&sig=Cg0ArKJSzOjnh4I1jcGlEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 859C9639DBB7780F893922DFACC1CB88
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37E37D685EDACED29B9D3CE0F597090A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6E8D0FFE8F81D4559E9EFF6B4D1D8BF7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 005206BC47D399D425FCAE46552439A1
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AEC37AD7425D8A3AF314A3DF016F81B5
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW5u0O-OyM_qiGulvgi9UD0pHY4afTxuONkRsJRUWpEPbhASM2zo-RG4lt2oBl5KiG58vVAks3uS8MI2DtUF8dnwmH7lHcOoFGsEMj1gAwmH1_moWnOG8XPCUkT2XCKS7arFURIDFGEEyJpSha_cqbGLpv1D2P_IQTkAj6XF6mf1z5sSsvlkWz-G1gUOpBWQweaDq70R1gQKqAufWMvH06GJtqcPtnqVb9c4QZVIXOA1nehUEA0YlMw2CUDbmQPMD8l8X87YdHAITAuyk4_pXqhCxVskooIBIUe5tApBiu8t6Gz8e5WmjaD-uFolQRQfU5jp_xD641nAy4Z2IURZ8RxJmhBO_C9_Ms-qrpoaGR&sai=AMfl-YT8yCyA55ryJnq8PBXOlfkRiiNi5eyhgo8txQGX0DujgtZrezJecVMAigIxB3NU98EFGeeaEGP6lYkWxbNSVHRxlDx3C2ECrNZqo7tDIDz6oMPal7vddgdxbzu6LZwcIcZ7-LA2KuvZtHmXHXpp79o&sig=Cg0ArKJSzBawm70kO08aEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 714D4C595753846E7AC8169E801C46EE
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 73DF658F8DF22A555918E26921199114
Requests: 10 HTTP requests in this frame

Frame: https://5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0BFF005DCDBB8C09102547A2E75B30F2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhmAriFW0B69kM9EIBV5Rs84PzcNxTeKwYaYor9ksWdDJRH-g6xPFVrRxrvpAVUKVFn3B6i9ZDIa-fbA7Ms6YMZtpRNX_NAS__i6FiwM6NY3XyfX1MppBZKhAIzYEX1gLKraaZDyaXOvdmxiE6x4JMOr4LZTa-4XdsfUj7drAdnLkjmApS1uBo3kxBimK9hLqERA2bab-OOJkU5fHJ9Q1Kgj6xOE68VUu_GzgG3ybq43VzkW9Jvhq1TZn0fvbu1Lw_yVAP9Lv5RmqUfmxsI-CX4Ui5Gg2NEJztsavpNiULvYFHeIMEZbtJXB52_P4dKvFuccicKOFR_vKB6Kh83fvrEv7HiM5e6XhZA50QUfW4xv8&sai=AMfl-YSDY2bAwSPsh_rszIs_7uJbEdH9QJySh6TkME4M72T-FD8Q4-g0Qgs5B_4aEOw8D8Im8ceKDHbpc4-_cMN2GpqS5nRXBN1zCe-ldrsKCVaRl2pmgViZLZVvAleFZKhmX5qNmtU9zwAtuFYgjmWZUng&sig=Cg0ArKJSzKwJFiH_mtKAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C348D4AADC1BFA1628C2A47A0CA8B363
Requests: 5 HTTP requests in this frame

Frame: https://apps.sanook.com/ret.php
Frame ID: 236FD940C529EA1667DE4F88B3D2C682
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AE99CC86EB59C8861A6326974E7F4A06
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudZ7FF1MhacqCykPdk3VjoFTMpzX2O_701-64uzjqZcQ2aCSaL74GGERcBjN4yhw-sIfHQlt-z-LS2iAz9aC-Kkt2_0R21hpkCbZGaF-_EZ3MjMNWPwAFs093Y5Q4krKhWVv8RrD7ESqdlSiXRMnMcNx3SVy2LTBoIr_qZhC3MWDjyUxZBCTsuas2MW0F3dlUZqMigPQHc9EWbL5H6Ql4C-Mzw2GjWEDhAVX8skRpbCTQnhD_R_qXmplx0H9xvFny1S8RLhVLiPKmVt922IKH7iHwwsJDPIRxyLTbSkEno2OUHul4e1bGhCVXXwsjh3a3_q9FMeX7vkHylAA&sai=AMfl-YQVaqnQoZVbUjSAFgqR7UXrsj0w5TNaNoyK9d8kG4Ixjncoa-rLK9W41j-jAwqHwULHiC3-p1YOk6o22FJ6DX6txJiVtH7EEX1BpuzhbO6oIc0qZUYzuDQNVPQViw&sig=Cg0ArKJSzMbGWSEbs6xMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0F95EBD1D64E0F8137EF2F5AC6F6B044
Requests: 3 HTTP requests in this frame

Frame: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E6758A87FFD15DE5E23E5CB1EF61AA83
Requests: 10 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=143900&cb=6565b55d7333b5fe0c5ce113ef3e088e&r=https%3a%2f%2fwww.sanook.com%2f&crossorigin=false
Frame ID: E2209C0E02D87F30D04FE6C35260D379
Requests: 1 HTTP requests in this frame

Frame: https://csm.eu.criteo.net/all?cppv=3&cpp=jsswHGLR4Qf3i5uhOe1p-a6GUJh1-6_-rFJ4s7rLyOJu9Snc74q1YLdnMZsCRNrLqbqfaM22g3c9jvUbWYILn40QyhhxPvcfqqP5QqHCIuvOUACzrF8lPJTb9zEl1nsuwXRAfYwWb-hGz0wQkzvOaBywmoPU6vsZoHuN9j4q11r7TbXwtaQkiW9fjIHrrpL9mXeMTLaZRuiw_EQrzb4AOujUzts8ZXUyBJpgH00Bisd4Oa0uk3EG4ntrBTmf3vFVyo0cDg&sds=2&rev=89278&sendBeacon=true
Frame ID: 2C8D72BC11325DC51600C4FB09915425
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_gid=CAESEA2b1XQxgCkhtEpQb2PkeH8&google_cver=1&google_ula=913071,0
Frame ID: FE1AF5D05DED8B25FFF617ECA35ACFF2
Requests: 30 HTTP requests in this frame

Frame: https://a.teads.tv/hb/ad/4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3
Frame ID: 8AC9F0C1D94C7B38C1D1E0956EAFDAFC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D858EC57C7A6EDDE76BCA10ED44A6945
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBF9B8D04B2152A85009CAE123D870AF
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Frame ID: BA0513B17F6E7FC746DE40278E93D90C
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: EAEAC3243938B04E54F917F40A029352
Requests: 1 HTTP requests in this frame

Frame: https://a.teads.tv/media/vpaid-display/iframe.html
Frame ID: 95BF790133CAA5815DC5CC9DE9D73660
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=69875459;rtbwp=1.3502689900377405;rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0
Frame ID: 3CC6B0B2A834D8156C7E46A88644AD6F
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2012709/9153529/9153529.js?ADFassetID=9153529&bv=2049
Frame ID: 85AD2EE0F22032E85F378F9CF39D8261
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: C71234A60052F3A25D14A7A4479768B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C41F39149D2D4D17DBC061CF0B53FC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C95889AE527BAC732C2936A3107D29D0
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
Frame ID: 09C9D1DD2F3D9F1443F07F9B36681321
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWW1YAAC8pVjGgBd
Frame ID: 3E21827CBFA7FC5C0014A5AC262C93B1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A891056C240483B5D238049C1D8CA8D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 181903B08A956808EF379286BEB3B448
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A1B4080ECB9094ECFA5F8FE58E90D82D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7517368090351806467
Frame ID: 7E2307758F41B6AFEF9CE441AE81BF21
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: DE1AF2CAA33F8F822A115943C8AA4F0D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631020937674
Frame ID: AE6745D19E6A18FDB36A1BD2C23C9503
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E6AEBC856B945D13D4E69895940BFAA1
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: B1F68224BB28B029588EFFE0317CA272
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: FAAC7EBB0FBC5394DFABE1A749F59D64
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVnQRXhaWUhXjjjYV&gdpr=0&gdpr_consent=
Frame ID: E5533BA33055F81A2874642167D372B9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 10F06479A4E4975DAADBF064A8F878A0
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3AC42D3040DB75AB738F9B29A76AD3BA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1&gdpr=0&gdpr_consent=
Frame ID: A270A3D27C97F195CF4E10D4B77C42DC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
Frame ID: A0ED2EE40F878C70B40A5EC28A5206ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. https://webboard.news.sanook.com/forum/index.php?topic=16457944 HTTP 301
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

456
Requests

84 %
HTTPS

25 %
IPv6

114
Domains

184
Subdomains

133
IPs

14
Countries

4814 kB
Transfer

15102 kB
Size

191
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webboard.news.sanook.com/forum/index.php?topic=16457944 HTTP 301
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=314788658.1701164380&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=XLVlZcbPH_vK7_UPm-SYyAE&sscte=1&crd=&eitems=ChAIgLyWqwYQ6ruLgN2rp-5SEh0A_JMckrY3dH3-QYWXV_RL-vWOKPYBysbuA1UCBg&pscrd=Ek5DaEVJZ0x5V3F3WVFtT0s5MzktV2dNYWhBUklsQUU5Y0dfX0syeHBUYzJwS1BJZ2dMcjhTQU13UUh6NnljT3ktNzlyQ3VCTGJ3bGR6ekEaV0NoQUlnTHlXcXdZUTRfX0N6ZC1kbFo4ZkVpMEFNaGF3ODlsV3MtbC1VQVhHZWhNVHppMkR0VWJ2UXd3cmtLN1Vza203c2VLYmMzMzdBVmtXSjF3MWFaUSITCMbt65Sz5oIDFXvluwgdGzIGGQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=314788658.1701164380&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0x5V3F3WVFtT0s5MzktV2dNYWhBUklsQUU5Y0dfX0syeHBUYzJwS1BJZ2dMcjhTQU13UUh6NnljT3ktNzlyQ3VCTGJ3bGR6ekEaV0NoQUlnTHlXcXdZUTRfX0N6ZC1kbFo4ZkVpMEFNaGF3ODlsV3MtbC1VQVhHZWhNVHppMkR0VWJ2UXd3cmtLN1Vza203c2VLYmMzMzdBVmtXSjF3MWFaUSITCMbt65Sz5oIDFXvluwgdGzIGGQ&is_vtc=1&ocp_id=XLVlZcbPH_vK7_UPm-SYyAE&cid=CAQSKQDICaaN1GXELu21Nt-gaOnvmfcoaMnr4Qvd8UG4fE85g2HxpyZ1YK_d&eitems=ChAIgLyWqwYQ6ruLgN2rp-5SEh0A_JMckpi1PbF8QzplANm6dem5UK2-a2EozwyrWw&random=3590444428 HTTP 302
  • https://www.google.ch/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=314788658.1701164380&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0x5V3F3WVFtT0s5MzktV2dNYWhBUklsQUU5Y0dfX0syeHBUYzJwS1BJZ2dMcjhTQU13UUh6NnljT3ktNzlyQ3VCTGJ3bGR6ekEaV0NoQUlnTHlXcXdZUTRfX0N6ZC1kbFo4ZkVpMEFNaGF3ODlsV3MtbC1VQVhHZWhNVHppMkR0VWJ2UXd3cmtLN1Vza203c2VLYmMzMzdBVmtXSjF3MWFaUSITCMbt65Sz5oIDFXvluwgdGzIGGQ&is_vtc=1&ocp_id=XLVlZcbPH_vK7_UPm-SYyAE&cid=CAQSKQDICaaN1GXELu21Nt-gaOnvmfcoaMnr4Qvd8UG4fE85g2HxpyZ1YK_d&eitems=ChAIgLyWqwYQ6ruLgN2rp-5SEh0A_JMckpi1PbF8QzplANm6dem5UK2-a2EozwyrWw&random=3590444428&ipr=y
Request Chain 99
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Request Chain 120
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=f3xeZXxRd0ZUQVlRejJKeUZkcnB5Nmo2ZVN5M09NcnY2QzRhTk84by9leWNFQ0ZSWkJoZ3Q3bmdOYlhHc0ZYQndkTXljUW1PR0c3a0xRT0l3ajkwdkNqV1hucEZaNkZiczgrYTE0N3NFMlRlWEt0US9pVTYyaUhpQkFUOERsM0djVnVmNVk0bHBPdmhibnlaVmE2QmZ4OWwzV2hjZHo4S1FxcnRNVEx4bHI5ZG5weHJQVGVpMUw4Zzh0ZC9WMi84QWtrRmhuNzN2V2tnVElJTUtLWHVSMXhXU1NHaGx0bUFXMDgvN05LcFdvdWZYSmQvdHR2NTRkWktIOWRjM2RET0tMVi9DY0k2Z0lUek43cVF6QXhmSEZZY3ljdz09fA&cppv=2
Request Chain 158
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Request Chain 160
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 161
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 162
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
Request Chain 163
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2297806412148916301&gdpr=0&gdpr_consent=
Request Chain 164
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7306445381536970894&gdpr=0&gdpr_consent=
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=34e8b9fc-fa7d-4ee9-bf13-c922729d09c1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 166
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
Request Chain 167
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdGhFN0t5MnNBQUJjUHRid0N1Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADthE7Ky2sAABcPtbwCug&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADthE7Ky2sAABcPtbwCug&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADthE7Ky2sAABcPtbwCug&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8836778444770321177&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADthE7Ky2sAABcPtbwCug&gdpr=0&gdpr_consent=
Request Chain 168
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU628bb0de99634e18b11c999b65ffb898
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vFTgYhkSRwuddufZR1xTEQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 170
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=&ct=y
Request Chain 171
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3223978369
Request Chain 172
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BC54E062-1912-470B-9D76-E7D9475C5311 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2lkaEcwT1JlUFdUSFdWV1FkR3lubnYwdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3272303205484064919&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM1NEUwNjItMTkxMi00NzBCLTlENzYtRTdEOTQ3NUM1MzEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNUl2If4oXhdNq6Ws-oEpQ&google_cver=1
Request Chain 175
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1
Request Chain 176
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7466765702092464794
Request Chain 178
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uSFVYGJE2uUo97PP_flA0Qb2gSg5lwM-~A&gdpr=0
Request Chain 180
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348&gdpr=0&gdpr_consent=
Request Chain 181
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2e8cdbbe6f9216b7&is_secure=true&networkId=17100&version=1&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg03NYY1OQMM5HySAAAAAAA&expiration=1701250782&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 182
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8081171439538271367&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 195
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=DPDVgFjw1tAX9dOHAqfOgw-hgNQXp9CHC_JgGLEv
Request Chain 196
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3272303205484064919
Request Chain 197
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e&dcc=t
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIQY-ovI4O86mfTwalTDvno&google_cver=1
Request Chain 215
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 228
  • https://cat.nl3.eu.criteo.com/tpd?dd=HRQYTl9rJTJCcEIwQmFic0RsYjZLNTdyVGZjVDRWb2t1NmE2ZXE3cTkybFNQOWpLcmJPcHJoNFFQOTBLSVRzbUpBOGlnMkpXblFXayUyQk1BSThjZGY2TEtJUW1uViUyQjdMaUhHM0tHVkUzNTJHMURsSWpuQjRYV0VUdTVLekJKOFR2eGI5UmZjeGI0dUdyZjVLYnglMkYyamlIMm5OcmFMcFFjUG5BN2lFNUNHWXNrbnZRTHZVd2t6WkQ2eEtvYnlJR0g4MjFpRWM1aFNaZDkzaDI3UUVvOHhaVyUyQnowZWNnVnklMkZQbW5pMDNHbnR4WndhRDBaZU05U0NSMWw4RHhyZTZNUmxUWU9xQTV0ZFV6MXZlUSUyRkk1dHBOQzRVTVFja2ZidnUyYllzNWJFV1RyeCUyQmg5VXRzOE8lMkZKZ21pciUyRnYxcUpVVGYlMkIlMkZkZDdzcURQUUxzeFZ1cE8wamJyY1RsNkZMUGRQdjZlUHRjS3AlMkJNVnZib0dibXBwa3dmZ1g2MXpPNEhyZEpyZWwlMkZqRnptNTNsRzhtQVdqelh2dDlHUWYwN1JqUFZpJTJCellwdWFaeG9IcXBZOGI1bW1rRHg1RVAlMkZxZE1TZlJmTWY5Z2p0YXBRZ2RCMDdkd01QeTVQbCUyRnpRdGN1ZzlrM21qSmttbHlTdmpNVjFqRHkyblZCdVVrNWo2d1M1YmxrQTMyUEFQWlF2VnNTQzNqUzElMkZXbUZkZFpPTmVjZ0dPamNNVDNxejNBYmJ4T1JUbkxDVGIzNmVJcGtJbjRtSlRmMjBPN3Y0ZyUyQnV2YVhJcjV1N2dCWmd2Z09xYThXV3clM0QlM0Q&r=https%3A%2F%2Fads.eu.criteo.com%2Fdelivery%2Fr%2Fajs.php%3Fu%3D%257CZp38KVXALq08%252FYrXhhotVqVGreU3Bbu0P%252FtVbgbY0JY%253D%257C%26c1%3DJrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A HTTP 302
  • https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7cZp38KVXALq08%2fYrXhhotVqVGreU3Bbu0P%2ftVbgbY0JY%3d%7c&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A&r=https%3a%2f%2fads.eu.criteo.com%2fdelivery%2fr%2fajs.php%3fu%3d%257CZp38KVXALq08%252FYrXhhotVqVGreU3Bbu0P%252FtVbgbY0JY%253D%257C%26c1%3dJrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A
Request Chain 233
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWW1XqgCJJeb8b4xiLm.EQAA%263322&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWW1XqgCJJeb8b4xiLm.EQAA%263322&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c7382279c93b475bb09b3965236bdf39 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7382279-c93b-475b-b09b-3965236bdf39 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%3A1701164383.462388&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%253A1701164383.462388%26_%3D1701164383.4649334&cb=1701164383.4649663 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631020937674&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%253A1701164383.462388%26_%3D1701164383.4649334 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%3A1701164383.462388&_=1701164383.4649334 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY1MWNkM2ZjNC04MzJjLTRkOWQtYjYwZS05ZTQ2ZTMyZDRiMDc6MTcwMTE2NDM4My40NjIzODgQABoNCN_qlqsGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIdacZGkMPwzx7cLyIFmQgE&google_cver=1
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWW1XqgCJJeb8b4xiLm-EQAADPoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPU_ETXcKcf4oUz7q9_1tMY&google_cver=1
Request Chain 235
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWW1XqgCJJeb8b4xiLm.EQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKhPjNxzvLHgTF12nq98Jm4&google_cver=1&google_hm=2
Request Chain 237
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2297806412148916301
Request Chain 238
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dindex%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=index&user_id=k-6fSC6RzRZeG-5trsCc-TqzTi7iXnmifdC7G0AA&gdpr=&gdpr_consent= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&us_privacy=
Request Chain 239
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3553230e669a16b7&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIEe3Veb_CQgNthJxrAAAAAAA&expiration=1701250782&is_secure=true
Request Chain 241
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=knAKLyoyX0tzy3brmzysSMPOaYI
Request Chain 242
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Zt2gk8EZwiEUg4yNZn5RkA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=779824a1-9984-450a-b204-92613bcdcff3&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 245
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=bukZcnx7IHaSuXAsuVQma_kuMRgIqcWZWMEDfGKBxDM&pi=openx&gdpr=0&tc=1
Request Chain 251
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPI5CLTC-P-1QZY&us_privacy=1---
Request Chain 252
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRhMjMxMjA4Y2Q2MmRjNTM4NWMzMzMwNmZlMDE3MzgxYzU1ZTY0MQ&us_privacy=1---
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKP9VX_P_umrWZt-MBtzu1c&google_cver=1
Request Chain 254
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-Yfy5oiBRTm78TObPbGgWw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-Yfy5oiBRTm78TObPbGgWw
Request Chain 255
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FON69EQIiTOeshRPa0cOBA?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd5p15VE2oJaf3OSuR1n1Q8pT0.msgRM7z1LzA--~A
Request Chain 256
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBJNUNMVEMtUC0xUVpZ&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEyY9p-6PcslmVtogoeq8dY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBJNUNMVEMtUC0xUVpZ&google_push=
Request Chain 257
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G6R7oSSVRNeiYo0gdMzt4Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G6R7oSSVRNeiYo0gdMzt4Q
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPI5CLTC-P-1QZY&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 260
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADthE7Ky2sAABcPtbwCug&expires=30
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPI5CLTC-P-1QZY&us_privacy=1---
Request Chain 262
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPI5CLTC-P-1QZY&us_privacy=1---
Request Chain 263
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPI5CLTC-P-1QZY&us_privacy=1---
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPI5CLTC-P-1QZY&us_privacy=1---
Request Chain 265
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bc3d8cd-fb8e-4def-ad19-4199cb1c55c3&expires=30&us_privacy=1---
Request Chain 266
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_cm&google_hm=ay13YjNSUVJ6UlplRy01dHJzQ2MtVHF6VGk3aVZDQlYyUFp0S1BiUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_gid=CAESEA2b1XQxgCkhtEpQb2PkeH8&google_cver=1&google_ula=913071,0
Request Chain 305
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2297806412148916301
Request Chain 315
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ
Request Chain 317
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w
Request Chain 334
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rYno5bV9kRTJ1R1cuWlY1TXhTT1A5OGpFRjVKdnExY35B&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&dpid=58301
Request Chain 359
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7RDazquOY-1p8NNpxrqHzALGNGCh4_G3
Request Chain 364
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1701164383804 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2
Request Chain 366
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1701164383804 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=c6920cf0-6cdb-4a7f-81d4-ff8475321b7f&gdpr=0&gdpr_consent=
Request Chain 367
  • https://pr-bh.ybp.yahoo.com/sync/teads/6b4c9fc0-2013-4aee-8331-5036f857e766?gdpr=0&gdpr_consent=&_t=1701164383804 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-GgQl0.JE2oTUYddviD9DL1fvBFc7zvajaoM-~A
Request Chain 373
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1701164383804 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=6b4c9fc0-2013-4aee-8331-5036f857e766
Request Chain 374
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1701164383804 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2 HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 380
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=TBHcwu7WZXS41D0yeVDAm3Wml9Ncx4OT
Request Chain 415
  • https://track.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1
Request Chain 416
  • https://track.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1
Request Chain 417
  • https://track.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1
Request Chain 418
  • https://track.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1
Request Chain 419
  • https://track.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2
Request Chain 420
  • https://track.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1
Request Chain 421
  • https://track.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1 HTTP 301
  • https://s1.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1
Request Chain 426
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWW1YAAC8pVjGgBd
Request Chain 427
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 428
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 430
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7517368090351806467
Request Chain 432
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631020937674
Request Chain 436
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5ed92b046b2ccc35/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVnQRXhaWUhXjjjYV%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7fc7991411a53506ef1d6353dc1f2c6&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DuroLIz3lVnQRXhaWUhXjjjYV%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVnQRXhaWUhXjjjYV&gdpr=0&gdpr_consent=
Request Chain 437
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 439
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1&gdpr=0&gdpr_consent=
Request Chain 440
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1701164384870 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4111091465 HTTP 302
  • https://sync.1rx.io/usersync/turn/8081171439538271367?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
Request Chain 442
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 443
  • https://pixel.onaudience.com/?partner=214&mapped=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 444
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9763263e-a8ca-4c02-87f3-8fb2af258d65&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

456 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • https://webboard.news.sanook.com/forum/index.php?topic=16457944
  • https://www.sanook.com/
290 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
0ea874d0e7a2d6f5e5d49ced3c8f7f1039ceb362f504c2c0868fa2b2f336e764
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
public, s-maxage=15, max-age=5, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 09:39:39 GMT
Proxy-Cache-Status
HIT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human

Redirect headers

content-length
185
content-type
text/html
date
Tue, 28 Nov 2023 09:39:38 GMT
location
https://www.sanook.com/
server
nginx/1.14.0
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1011713/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OfFW3qSCFTk8stQse__31i5akmTWt65R
content-encoding
gzip
via
1.1 varnish
date
Tue, 28 Nov 2023 09:39:39 GMT
x-amz-request-id
FF1BVG5XVFC5WQWW
age
17968
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5678
x-amz-id-2
E/xEwBJN3ux3bfaHRCNlmMltN/W+OX5qYrB+tvcs6a3wiT1qb3HDIEYtQx67wQSmaEMhtfKmRMU=
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Thu, 26 Oct 2023 09:07:03 GMT
server
AmazonS3
x-timer
S1701164380.541247,VS0,VE1
etag
"e2595c8172706b041a90c945e3638320"
vary
Accept-Encoding
content-type
application/octet-stream
abp
47
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 13:31:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15450790540696505771
accept-ranges
bytes
content-length
548
expires
Wed, 29 Nov 2023 13:31:25 GMT
publishertag.js
static.criteo.net/js/ld/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 09:39:39 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:53:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
age
0
etag
"5296e90f-177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3643771537564381429
accept-ranges
bytes
content-length
266
expires
Sun, 01 Oct 2023 03:53:38 GMT
gtm.js
www.googletagmanager.com/ 		290 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a490b681a6aa01e5ed98e44da3b896ba3c217e75aa1524f15c0888bdc76c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94572
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 09:39:39 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
572f6195620e2b183fd22a1c2a5e5ed7efb23d7396a7edf432233ef6759973a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:40 GMT
last-modified
Thu, 23 Nov 2023 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
8719
expires
Tue, 5 Dec 2023 9:39:40 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Thu, 28 Dec 2023 09:39:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 28 Nov 2023 09:39:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
EVIqmW3z6uBjhQuLDnprebJAfgU5iUuUNNbhCeOgqnqgH3Y5ai050drj5muli8FfmLagdCVWwS/1AccIvulQdw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ht.js
sdk.ocmhood.com/sdk/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3726
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 21 Jul 2023 09:35:24 GMT
server
cloudflare
etag
W/"64ba515c-2e63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15WXh05pF7bCbXKv6TWKdDY0EofxsjVQ%2FD9d5VJQWjvK4Nuqen9HbCYeqNjS1Ahy6gg50Qt%2B3vJpLXkOx5WggDpjFjPTbg%2F9l7B9VZWuDtbBR0XmmjodUxpaUFDdoc8zHnpWAE%2Fd6Vf7Org3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82d1a51dc9b34d62-FRA
7abb1e0bad702afaea5e.css
s.isanook.com/sr/0/_next/static/css/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/7abb1e0bad702afaea5e.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dc691e98d42de3d1cd32438bdc3c4a0e5458876642c64466902a3218bafc4673

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 02:42:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
43674
server
Lego Server
age
47
etag
W/"655d6966-aa9a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
9752651330860066441
accept-ranges
bytes
content-length
9032
expires
Fri, 22 Dec 2023 02:42:07 GMT
webpack-a52b0998e80d2f51657a.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-a52b0998e80d2f51657a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7cfac12b75caab0ddda5b1fbe3bb0ab800dae343d90a213630952439c6838268

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:11:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9582
server
Lego Server
age
0
etag
W/"656405c9-256e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5863010393933645983
accept-ranges
bytes
content-length
4768
expires
Wed, 27 Dec 2023 03:11:29 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:49:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 16 Oct 2023 07:39:35 GMT
server
Lego Server
age
203155
etag
W/"652ce8b7-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9951613743642031984
accept-ranges
bytes
content-length
45781
expires
Wed, 15 Nov 2023 08:49:11 GMT
main-6fc29b940dae36eaf931.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:41:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
76518
server
Lego Server
age
0
etag
W/"652e0057-12ae6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1696968905795725497
accept-ranges
bytes
content-length
23882
expires
Fri, 17 Nov 2023 15:41:26 GMT
_app-ad4e36c999b8430a3b5b.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		802 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-ad4e36c999b8430a3b5b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5bfbf8bfd2201da363311048624e8cdcbbde2e86a28fb612949eb0d926cc0bf8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:12:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:18 GMT
server
Lego Server
age
77
etag
W/"656405ca-c8956"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11218526643951154128
accept-ranges
bytes
content-length
205495
expires
Wed, 27 Dec 2023 03:11:30 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:18:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 15 Nov 2023 04:55:47 GMT
server
Lego Server
age
0
etag
W/"65544f53-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6433146053869710251
accept-ranges
bytes
content-length
2738
expires
Fri, 15 Dec 2023 09:18:12 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:19:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13794
server
Lego Server
age
0
etag
W/"652e0056-35e2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6675934519214887828
accept-ranges
bytes
content-length
4715
expires
Fri, 17 Nov 2023 15:19:41 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:06:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:01 GMT
server
Lego Server
age
32122
etag
W/"654c8605-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5578004403496719583
accept-ranges
bytes
content-length
17204
expires
Tue, 12 Dec 2023 17:06:48 GMT
3253-53ff7ff6e0b6ee493cc0.js
s.isanook.com/sr/0/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3253-53ff7ff6e0b6ee493cc0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 13:27:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:00 GMT
server
Lego Server
age
0
etag
W/"654c8604-6129"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2205369063298988064
accept-ranges
bytes
content-length
7144
expires
Mon, 11 Dec 2023 13:27:42 GMT
6261-0b9100df4de35e339621.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6261-0b9100df4de35e339621.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:51:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 17 Nov 2023 02:47:10 GMT
server
Lego Server
age
3
etag
W/"6556d42e-72de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10959405322844133281
accept-ranges
bytes
content-length
6705
expires
Sun, 17 Dec 2023 02:51:33 GMT
2144-fc95701658e9dbc62ba5.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2144-fc95701658e9dbc62ba5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 02:49:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 30 Oct 2023 02:35:31 GMT
server
Lego Server
age
0
etag
W/"653f1673-25db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3159985911308395271
accept-ranges
bytes
content-length
3398
expires
Wed, 29 Nov 2023 02:49:13 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:44:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6871
server
Lego Server
age
0
etag
W/"654c8609-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5372116602423496391
accept-ranges
bytes
content-length
2537
expires
Mon, 11 Dec 2023 03:44:20 GMT
617-ce3dea63b3c20710b129.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-ce3dea63b3c20710b129.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:09:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16030
server
Lego Server
age
0
etag
W/"65544f54-3e9e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10119049186744198283
accept-ranges
bytes
content-length
4545
expires
Sat, 16 Dec 2023 03:09:32 GMT
3051-bf42533dcd722fe36384.js
s.isanook.com/sr/0/_next/static/chunks/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:15:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 17 Oct 2023 03:32:40 GMT
server
Lego Server
age
0
etag
W/"652e0058-1496c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12765495232154593681
accept-ranges
bytes
content-length
26664
expires
Fri, 17 Nov 2023 17:15:06 GMT
5616-5f8425f3631c502b5b56.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:57:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 03 Nov 2023 03:53:33 GMT
server
Lego Server
age
0
etag
W/"65446ebd-2370"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3090449316314780116
accept-ranges
bytes
content-length
3081
expires
Sun, 03 Dec 2023 10:57:19 GMT
6066-d50250a536141f89d39a.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 19 Oct 2023 06:32:29 GMT
server
Lego Server
age
0
etag
W/"6530cd7d-95e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12123121359381108020
accept-ranges
bytes
content-length
9981
expires
Sat, 18 Nov 2023 10:20:51 GMT
6394-4c13bb638cce24c456c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6394-4c13bb638cce24c456c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:01 GMT
server
Lego Server
age
0
etag
W/"654c8605-123d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6123766575855584184
accept-ranges
bytes
content-length
2142
expires
Sat, 11 Nov 2023 03:46:41 GMT
6876-8ff5ec0b004769cf30cd.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6876-8ff5ec0b004769cf30cd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:44:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11452
server
Lego Server
age
4
etag
W/"654c8609-2cbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6420113588422253460
accept-ranges
bytes
content-length
3888
expires
Mon, 11 Dec 2023 03:44:21 GMT
9826-c6d55da930a2262e1211.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9826-c6d55da930a2262e1211.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3de83e7da727f5712316e277c631c883ef938a74f0fc95222cc2c3687372390a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 07:39:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
51313
server
Lego Server
age
218382
etag
W/"65544f53-c871"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17510998178230273264
accept-ranges
bytes
content-length
7599
expires
Sat, 16 Dec 2023 01:29:46 GMT
5503-983844826662fa99a2fd.js
s.isanook.com/sr/0/_next/static/chunks/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5503-983844826662fa99a2fd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0d57af87c6a1f5e7e9f8eb0ef48aea7ec10d5addb811dfb15fb3f9bbeea3bdd6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:29:09 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
35784
server
Lego Server
age
0
etag
W/"65544f53-8bc8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1482511154369216462
accept-ranges
bytes
content-length
6887
expires
Sat, 16 Dec 2023 03:29:09 GMT
7263-73bc5ff6d45fa239e169.js
s.isanook.com/sr/0/_next/static/chunks/ 		211 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7263-73bc5ff6d45fa239e169.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
09d0eaf68b2500767e75eb4d517510feb66e948f8b5c1f0da09e869a387b3ea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 02:48:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
215888
server
Lego Server
age
0
etag
W/"65600daa-34b50"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6666241413730516049
accept-ranges
bytes
content-length
44723
expires
Sun, 24 Dec 2023 02:48:26 GMT
3316-c2db2abb0c275a7040e2.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 06:47:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 25 Oct 2023 14:31:03 GMT
server
Lego Server
age
0
etag
W/"653926a7-4663"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6342153604924193673
accept-ranges
bytes
content-length
4351
expires
Sat, 25 Nov 2023 06:47:58 GMT
5269-552b6a06d820c45d8549.js
s.isanook.com/sr/0/_next/static/chunks/ 		239 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5269-552b6a06d820c45d8549.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
28dd6b8b629e24a8d0dd63255b810e2ca34d538fc6156d76d148641cd5241305

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:51:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
244526
server
Lego Server
age
0
etag
W/"6556d42e-3bb2e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16376663889396883140
accept-ranges
bytes
content-length
19105
expires
Sun, 17 Dec 2023 02:51:33 GMT
2182-2de900c55b59a3a8ff15.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2182-2de900c55b59a3a8ff15.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:44:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16975
server
Lego Server
age
0
etag
W/"654c8609-424f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8833191945792939994
accept-ranges
bytes
content-length
3742
expires
Mon, 11 Dec 2023 03:44:22 GMT
7634-b4af03af5d7d2f3a5d34.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-b4af03af5d7d2f3a5d34.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f39ecc954934add03f0ad833d32bb9d1c1a2180118d11400d4f65dc088e257c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:36:08 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
14113
server
Lego Server
age
0
etag
W/"65544f53-3721"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17023048610767322115
accept-ranges
bytes
content-length
2601
expires
Sat, 16 Dec 2023 03:36:08 GMT
9063-6d19362abfe44307bcc8.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9063-6d19362abfe44307bcc8.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
054cfdde8ca8063d808ef8b286bf4ab12d26fbba95eb8192fabe4eddac9a4b12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:21:08 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11926
server
Lego Server
age
0
etag
W/"6530cd80-2e96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15099141551790501163
accept-ranges
bytes
content-length
3789
expires
Sat, 18 Nov 2023 10:21:08 GMT
2511-62bbd9193827fbf1398a.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2511-62bbd9193827fbf1398a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
691d114327be68dbc2bdb308e1e90c090f997ab883293781706f47dcfbfbe85e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:05 GMT
server
Lego Server
age
143725
etag
W/"654c8609-3ee4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14459635175289633812
accept-ranges
bytes
content-length
3211
expires
Sat, 09 Dec 2023 11:50:01 GMT
7605-f3d5ddfde21b6623d81b.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7605-f3d5ddfde21b6623d81b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65e08beb42a478adfc09e060a428ebe8d50160a8a8cc48edd5ee1cd2d3ab298c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:44:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18842
server
Lego Server
age
0
etag
"654c8607-499a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15165597177993444163
accept-ranges
bytes
content-length
2991
expires
Mon, 11 Dec 2023 03:44:53 GMT
2820-42cb5f15989e8b325524.js
s.isanook.com/sr/0/_next/static/chunks/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2820-42cb5f15989e8b325524.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
93eb2558997c67e86a9031b77b19cf035a5c3c96c00c8e96d76a5c772d73b4eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 22:36:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:01 GMT
server
Lego Server
age
0
etag
W/"654c8605-3a84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14758233573042778868
accept-ranges
bytes
content-length
3600
expires
Fri, 10 Nov 2023 22:36:39 GMT
1918-2dac299f8ea7deb623e8.js
s.isanook.com/sr/0/_next/static/chunks/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1918-2dac299f8ea7deb623e8.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
52b6f660e855b3d009814c6fa3ea5dcf9f868e3b19503450169d0d7f15d4a62e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 09:41:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Oct 2023 07:25:12 GMT
server
Lego Server
age
0
etag
W/"653a1458-a418"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12946180070389603359
accept-ranges
bytes
content-length
9185
expires
Sat, 25 Nov 2023 09:41:37 GMT
firstpage-8e13922bb1d51ddbae5d.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		269 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-8e13922bb1d51ddbae5d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
45dd7d39e45fee921d1d0cb1a7852bebac8cb5145e1222452209e53acce24e5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:12:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
275319
server
Lego Server
age
0
etag
W/"656405c9-43377"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9567697178460093957
accept-ranges
bytes
content-length
44048
expires
Wed, 27 Dec 2023 03:12:11 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/8jFYTVnm_WrAzIFE3Iv_j/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/8jFYTVnm_WrAzIFE3Iv_j/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
33bfb61e21bd18cc249fb62d88366826f63572edcbcb129b0c794856fa91ae91

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:11:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:16 GMT
server
Lego Server
age
78
etag
W/"656405c8-6bab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8846498130071105078
accept-ranges
bytes
content-length
7426
expires
Wed, 27 Dec 2023 03:11:29 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/8jFYTVnm_WrAzIFE3Iv_j/ 		77 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/8jFYTVnm_WrAzIFE3Iv_j/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:11:33 GMT
x-cache-lookup
Cache Hit
x-original-content-length
77
server
Lego Server
age
0
etag
W/"656405c8-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18089349164700803417
accept-ranges
bytes
content-length
77
expires
Wed, 27 Dec 2023 03:11:33 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		0
0
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:30 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:35 GMT
server
Lego Server
age
0
etag
"654c8627-b1f"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
18211934392493546536
accept-ranges
bytes
content-length
2847
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:35 GMT
server
Lego Server
age
84
etag
W/"654c8627-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14361138237765567144
accept-ranges
bytes
content-length
548
expires
Mon, 11 Dec 2023 03:45:40 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:35 GMT
server
Lego Server
age
0
etag
W/"654c8627-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17160362696081044995
accept-ranges
bytes
content-length
1827
expires
Mon, 11 Dec 2023 03:46:30 GMT
wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:30 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:35 GMT
server
Lego Server
age
0
etag
"654c8627-bec"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
10256467543526211091
accept-ranges
bytes
content-length
3052
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:30 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:35 GMT
server
Lego Server
age
0
etag
"654c8627-8c6"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
18158514615299498324
accept-ranges
bytes
content-length
2246
ic-findluckynumber.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-findluckynumber.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 03:11:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 14 Nov 2023 07:26:29 GMT
server
Lego Server
age
0
etag
W/"65532125-9f1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
7557789134214256675
accept-ranges
bytes
content-length
1107
expires
Fri, 15 Dec 2023 03:11:01 GMT
sanook_thumbnail_1200x720.jpg
s.isanook.com/fi/0/fp/392/1961569/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961569/sanook_thumbnail_1200x720.jpg?ip/crop/w555h333/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d118c058946ea83791fc6880ec2fbd8b3a5f044b59116b2421ce44a61f1c448d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:07:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
67
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
11152509324815095957
accept-ranges
bytes
content-length
42382
expires
Thu, 28 Dec 2023 09:07:47 GMT
banznznzn.jpg
s.isanook.com/fi/0/fp/392/1961629/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961629/banznznzn.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4f69d406e755952c460d327c29dd0230c3b8d18657f4592bf80ebe7a2339b15e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:09:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
372
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
5916513792503973049
accept-ranges
bytes
content-length
13023
expires
Thu, 28 Dec 2023 08:09:55 GMT
a.jpg
s.isanook.com/fi/0/fp/392/1961525/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961525/a.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6b3bb303c42b32572c7c0487998fbda6086886f7fd8b8361dc83943a5696555d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
16437802873862474090
accept-ranges
bytes
content-length
12334
expires
Thu, 28 Dec 2023 09:09:05 GMT
sex4.jpg
s.isanook.com/fi/0/fp/392/1961597/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961597/sex4.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
efeb6e803225f9b5029f140648d5f24bbe87bc633462d0501a0c1f2b3110bdc4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6308277503026514778
accept-ranges
bytes
content-length
7361
expires
Thu, 28 Dec 2023 09:09:05 GMT
tagline-template-update-202.jpg
s.isanook.com/fi/0/fp/392/1961557/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961557/tagline-template-update-202.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
49a0c2ffffe6c7e81093ae17f4ea99193ba5a3688755b309062e72f55f1c0324
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:12:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
7564057859573567053
accept-ranges
bytes
content-length
7427
expires
Thu, 28 Dec 2023 09:12:57 GMT
cats.jpg
s.isanook.com/fi/0/fp/392/1960901/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1960901/cats.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d988006fdf7126543981eeb3b29708cf01fe346a0ed53acccd145089e0ea71c7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:07:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
76
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4114999511058341946
accept-ranges
bytes
content-length
6246
expires
Thu, 28 Dec 2023 09:07:49 GMT
checktn.jpg
s.isanook.com/fi/0/fp/392/1961637/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961637/checktn.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
88f091504d46062b949e52027d3d3b7981aef1913b888f763b5ef35c376e2122
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
12423642029363755664
accept-ranges
bytes
content-length
6517
expires
Thu, 28 Dec 2023 09:09:06 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1961417/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961417/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8bd499bd31d582e2ddda2765b57a058c9dcea3968c55ec7dc0323b82b8c66c01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:16:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
14012544486090354578
accept-ranges
bytes
content-length
5044
expires
Thu, 28 Dec 2023 08:16:08 GMT
soy-protein_1569921861.jpg
s.isanook.com/fi/0/fp/258/1294141/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/258/1294141/soy-protein_1569921861.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72971a1ebf5dda7f5448b5047eba8b6a1af946ce1a70872b8d1b981092a18639
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:30:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
218
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
14578038635518516572
accept-ranges
bytes
content-length
6274
expires
Thu, 28 Dec 2023 09:30:51 GMT
15.jpg
s.isanook.com/fi/0/fp/392/1961521/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961521/15.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
af7c4f54c65129fc0ea52b1e7ae26f047ba21953adaf59b3fcb1962fc3f810f1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
1282230684922649603
accept-ranges
bytes
content-length
3705
expires
Thu, 28 Dec 2023 09:09:06 GMT
like-a-dragon-8-map-three-tim.jpg
s.isanook.com/fi/0/fp/392/1961489/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961489/like-a-dragon-8-map-three-tim.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4db2fe4ebe41cbbd107bc897b134518a86685b706c1460b357bc87bbc163c07f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15945100968572878318
accept-ranges
bytes
content-length
6638
expires
Thu, 28 Dec 2023 09:09:06 GMT
sanook_thumbnail_1200x720.jpg
s.isanook.com/fi/0/fp/392/1961633/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961633/sanook_thumbnail_1200x720.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bf44cea4d8eafe4c35f8f0bb607771c1daa15484b900b00fa31a89695bcc8730
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15029899020544045918
accept-ranges
bytes
content-length
4913
expires
Thu, 28 Dec 2023 09:09:06 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1961265/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961265/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6fb9c05970becece107c23e11d3b7c396fd8386e0b599dcac43f0ab3312057cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
152
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
665927904520057663
accept-ranges
bytes
content-length
5547
expires
Thu, 28 Dec 2023 01:10:43 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 07:50:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
537
server
Lego Server
age
0
etag
"591c0bd4-219"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15888731769040939606
accept-ranges
bytes
content-length
363
expires
Thu, 31 Aug 2023 07:50:25 GMT
1489944661112333
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.138&r=stable&domain=www.sanook.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25c5d729343b9eb27f8f5cfa2a501afc380d30e871acf94cb1d32599dcf90079
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 28 Nov 2023 09:39:39 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35652
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
mqOYP4i3xWk2qyRyPTQdOsjG6OBUYF+toV+HDLJhzHrAnEFgekARuW75HJ2yKuVDJLvE0yQMbU6cqNZBHNx73Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:46 GMT
server
Lego Server
age
0
etag
W/"654c8632-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2876469300403343242
accept-ranges
bytes
content-length
4394
expires
Mon, 11 Dec 2023 03:45:02 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:03 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:10 GMT
server
Lego Server
age
0
etag
"654c860e-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
600532296805079304
accept-ranges
bytes
content-length
51420
expires
Mon, 11 Dec 2023 03:45:03 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:03 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:13 GMT
server
Lego Server
age
0
etag
"654c8611-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1201317676771664357
accept-ranges
bytes
content-length
31376
expires
Mon, 11 Dec 2023 03:45:03 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:10 GMT
server
Lego Server
age
0
etag
W/"654c860e-cf40"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12227740517491613837
accept-ranges
bytes
content-length
53090
expires
Mon, 11 Dec 2023 03:45:03 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:45:03 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:10 GMT
server
Lego Server
age
0
etag
"654c860e-c930"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14046284055319085570
accept-ranges
bytes
content-length
51504
expires
Mon, 11 Dec 2023 03:45:03 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 13:03:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 07 Nov 2023 08:33:34 GMT
server
Lego Server
age
0
etag
W/"6549f65e-7df4"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4795957683462216336
accept-ranges
bytes
content-length
32272
expires
Fri, 08 Dec 2023 13:03:42 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
608878392b505e6f542c9fde623ff22542e7d90f029c42c6ab35b3f1556a9f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86684
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 09:39:39 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1701164379889&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&auid=314788658.1701164380&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8ce5a2fdcc89e93de8aeb664679ef8bfadf7cb018bd66b710080c0f9c1b34f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1679
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1701164379893&cv=11&fst=1701164379893&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=314788658.1701164380&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec3335df87c80ebcf7fffee9ff1f6b0c2faa989b113a646db062ddd9a9e07b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 07:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6602
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 09:49:38 GMT
NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
cdn.ocmtag.com/tag/ 		191 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3101
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 27 Apr 2023 11:52:10 GMT
server
cloudflare
etag
W/"644a61ea-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s%2FecHm837CllBRJR8da%2BNr%2B3IMeTN%2Fl30Ve%2BbR5xftfSFGw8fNt6Xo4fvDbv8CCuOmLpSXcdwHh2j%2BDkbOdyxSz2HWcd9Kz7BNS9jodlyETm0Mwl1yN6jOg1XKTQMnywx5qJzVFkTltu5RvsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82d1a522fb3739eb-FRA
/
beacon.taboola.com/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230118-FRA
date
Tue, 28 Nov 2023 09:39:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701164381.651980,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1701164379910&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701164379909.1611680744&ler=empty&it=1701164379851&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Nov 2023 09:39:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3b81v888883767z877572129&_p=1701164379500&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=138966829.1701164380&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1701164379&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1701164379885.sh10t1o&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0&tfd=2461
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=138966829.1701164380&gtm=45je3b81v888883767z877572129&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=138966829.1701164380&gtm=45je3b81v888883767z877572129&aip=1&dma=0&gcd=11l1l1l1l1&z=448254854
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=uxOeHqm9fCOOCx3/6HBjaQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=3A20A911.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1701164379893&cv=11&fst=1701162000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwDICaaNurcLor-LFBzqDYIVPZXSGYixAvgICw&random=270663146&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/408516141/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/408516141/?random=1701164379893&cv=11&fst=1701162000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwDICaaNurcLor-LFBzqDYIVPZXSGYixAvgICw&random=270663146&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...
  • https://www.google.ch/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=314788658.1701164380&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0x5V3F3WVFtT0s5MzktV2dNYWhBUklsQUU5Y0dfX0syeHBUYzJwS1BJZ2dMcjhTQU13UUh6NnljT3ktNzlyQ3VCTGJ3bGR6ekEaV0NoQUlnTHlXcXdZUTRfX0N6ZC1kbFo4ZkVpMEFNaGF3ODlsV3MtbC1VQVhHZWhNVHppMkR0VWJ2UXd3cmtLN1Vza203c2VLYmMzMzdBVmtXSjF3MWFaUSITCMbt65Sz5oIDFXvluwgdGzIGGQ&is_vtc=1&ocp_id=XLVlZcbPH_vK7_UPm-SYyAE&cid=CAQSKQDICaaN1GXELu21Nt-gaOnvmfcoaMnr4Qvd8UG4fE85g2HxpyZ1YK_d&eitems=ChAIgLyWqwYQ6ruLgN2rp-5SEh0A_JMckpi1PbF8QzplANm6dem5UK2-a2EozwyrWw&random=3590444428&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ch/pagead/1p-conversion/1007499765/?random=510173290&cv=11&fst=1701164379889&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=314788658.1701164380&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0x5V3F3WVFtT0s5MzktV2dNYWhBUklsQUU5Y0dfX0syeHBUYzJwS1BJZ2dMcjhTQU13UUh6NnljT3ktNzlyQ3VCTGJ3bGR6ekEaV0NoQUlnTHlXcXdZUTRfX0N6ZC1kbFo4ZkVpMEFNaGF3ODlsV3MtbC1VQVhHZWhNVHppMkR0VWJ2UXd3cmtLN1Vza203c2VLYmMzMzdBVmtXSjF3MWFaUSITCMbt65Sz5oIDFXvluwgdGzIGGQ&is_vtc=1&ocp_id=XLVlZcbPH_vK7_UPm-SYyAE&cid=CAQSKQDICaaN1GXELu21Nt-gaOnvmfcoaMnr4Qvd8UG4fE85g2HxpyZ1YK_d&eitems=ChAIgLyWqwYQ6ruLgN2rp-5SEh0A_JMckpi1PbF8QzplANm6dem5UK2-a2EozwyrWw&random=3590444428&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1427225150&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1765949435&gjid=1813382048&cid=138966829.1701164380&tid=UA-8147095-6&_gid=1310047379.1701164381&_r=1&_slc=1&gtm=45He3b81n81PNXLXRSv77572129&cd4=0&cd12=1701164379894.1l9p5t5lj&cd22=firstpage&cd23=indexpage&cd43=0&gcd=11l1l1l1l1&dma=0&z=597587276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=138966829.1701164380&jid=1765949435&gjid=1813382048&_gid=1310047379.1701164381&_u=YADAAEAAAAAAACAEK~&z=1988329191
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
775b424b1c2850c7b3654376bf95f1fe12305368aac913804d87c24648427978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84299
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 09:39:40 GMT
activity
t.ocmhood.com/v2/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 09:39:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oGFHA5q8AEv%2B2KtxTUv1L7OCF8LnxNymgh16xll9jJTNL1MmijPTPhVarpBPAZWg%2B4ABA5NUnINVLGVFvcPy%2BvK6%2BJF508zheoBOk6HCjsKGKvP7wwqwPoUl4c2k4jTvrewclQyEUggqHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
82d1a5247eac3802-FRA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
436 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 09:39:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZZRlKPgi3aW6RNrGZL1CI%2B72f4DHvyVkDcChMndGGNpwOrm0%2BXCUe5AXUyIs1cBNqU2M5NgB9jFY392At1U8mx6T1nJ8dTgx5BJ8m%2B4%2BMW2ld8oVZEz3UaPdmMWZUvZaYluiOipHcljB%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
82d1a5247eb03802-FRA
alt-svc
h3=":443"; ma=86400
/
beacon.taboola.com/ 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230118-FRA
date
Tue, 28 Nov 2023 09:39:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701164381.754722,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3b81v9134475311&_p=1701164379500&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=138966829.1701164380&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1701164380&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1701164379894.1l9p5t5lj&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0&tfd=3256
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=138966829.1701164380&gtm=45je3b81v9134475311&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=138966829.1701164380&gtm=45je3b81v9134475311&aip=1&dma=0&gcd=11l1l1l1l2&z=162948801
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=138966829.1701164380&jid=1765949435&_u=YADAAEAAAAAAACAEK~&z=1456505752
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=138966829.1701164380&jid=1765949435&_u=YADAAEAAAAAAACAEK~&z=1456505752
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.20.2
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=771737
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Thu, 07 Dec 2023 08:01:57 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-84.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:23:06 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
8366
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
lbRNmZceWPvdleL7pdtEajhMQklBcYiFeWUNvGQ2UdLaapLP9WS97Q==
base-icon-v1.0.50.woff2
s.isanook.com/sr/0/fonts/icon/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.50.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 02:43:57 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 22 Nov 2023 02:37:28 GMT
server
Lego Server
age
0
etag
"655d6968-b12c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17019638520697970373
accept-ranges
bytes
content-length
45356
expires
Fri, 22 Dec 2023 02:43:57 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 07:17:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=57293
accept-ranges
bytes
content-length
252083
expires
Wed, 29 Nov 2023 01:34:34 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
18.66.147.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-84.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
M2rIT8zGJLV6BP6a6C0M1T16jLj8wfBd2eJ27ywN6ARU1QO4nWnSIQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 28 Nov 2023 09:39:41 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701164381020&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
content-length
0
x-amz-cf-id
wlsXgtW4_rVzN4KS0y-L1govIXnz5u1bU4Cb4lm6EdyHnzc0Tas2vQ==
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2407972
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Tue, 26 Dec 2023 06:32:33 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.2
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1957347
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Thu, 21 Dec 2023 01:22:08 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame D556 		236 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-ad4e36c999b8430a3b5b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
283
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
186
content-type
text/html
date
Tue, 28 Nov 2023 09:34:57 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid
18158482760081167425
x-page-speed
1.11.33.4-0
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961569%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961385%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961373%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961629%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1960901%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961637%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1294141%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961489%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961265%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Tue, 28 Nov 2023 09:39:41 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961569%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961385%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961373%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961629%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1960901%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961637%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1294141%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961489%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961265%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Tue, 28 Nov 2023 09:39:41 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 03:46:31 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 09 Nov 2023 07:11:31 GMT
server
Lego Server
age
0
etag
"654c8623-428b"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
6337727094254317188
accept-ranges
bytes
content-length
17035
sanook_trend
sloth-api.sanook.com/api/ 		843 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=472545
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.72 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
72.130.151.203.sta.inet.co.th
Software
nginx / Express
Resource Hash
d9abd525917e48d54f716492e335bf71102457245e12ebf50ee88b71d8c9b58b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time
0.592ms
Date
Tue, 28 Nov 2023 09:39:43 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"34b-Ue/Choc7zwB9Eb/6qWwS0okbHNQ"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
843
Expires
Thu, 28 Dec 2023 09:39:43 GMT
logo.png
s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/logo.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ebe881215b5bb126dfb53f6e592d965a4e2daff27116b67a566a36d2e3fde9bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:54:59 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 03 Nov 2023 03:53:40 GMT
server
Lego Server
age
0
etag
"65446ec4-13fbb"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
15322644076446433351
accept-ranges
bytes
content-length
81851
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961569%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961385%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961373%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961629%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1960901%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961637%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1294141%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961489%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961265%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-ad4e36c999b8430a3b5b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
5dd2c0559830c762c2a546e7f40de7b5137333c07eaa228ef62298e923e7ce1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"1990-d3TnVBYWUPuAIWeXCgLOc8xGjG0"
X-Cache-Status
MISS
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961569%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961385%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961373%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961629%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1960901%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961637%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1294141%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961489%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1961265%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-ad4e36c999b8430a3b5b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
eab542735687ed0a2e1582c2f1fc4781935589e144f1b37f5d2f4008e3054c92
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"172b-jaZkKBWEyQUy+ld73Pm2UiPwoi0"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
syncframe
gum.criteo.com/ Frame 3AA9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:40 GMT
server
Kestrel
server-processing-duration-in-ticks
440066
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
btn-close.png
s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/btn-close.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac6c4db996a8703c6d438f4bedb86c96ea166bd9534042d4d350ef279c392833

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:28:48 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 17 Nov 2023 08:46:45 GMT
server
Lego Server
age
0
etag
"65572875-423"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
457717391185264876
accept-ranges
bytes
content-length
1059
bg.png
s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/bg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5a4cbf75c1bc308acd420193ea593086f0e2d182d35541e8eecd41947ddcdf7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:55:36 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 03 Nov 2023 03:53:40 GMT
server
Lego Server
age
0
etag
"65446ec4-4fc0e"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
11630905422171609054
accept-ranges
bytes
content-length
326670
btn.png
s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/btn.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3020a98ef97d1ab430639a94d3d223a75b8c6111fe15dcf181cb25bd013cddd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:54:59 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 03 Nov 2023 03:53:40 GMT
server
Lego Server
age
0
etag
"65446ec4-20ca"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
2867178706627447976
accept-ranges
bytes
content-length
8394
light.png
s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/loykrathong/desktop/light.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dcc661c6f79dcda30744c6d7190d20ba09d50080d8fab85536f65492bc119d13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:54:59 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"65446ec4-73ef"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
17905925547404910536
accept-ranges
bytes
content-length
29679
expires
Fri, 03 Nov 2023 03:59:59 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:41 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Thu, 28 Dec 2023 09:39:41 GMT
/
avd.innity.com/dc/cb/ 		59 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
9e0d50d8868d75a85044f1fde5213c2a4ee8c5f7680374b05192fcc213304a7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 09:39:41 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 		369 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 14:33:46 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=10887
access-control-allow-credentials
true
accept-ranges
bytes
content-length
208
expires
Tue, 28 Nov 2023 12:41:08 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0dda36c3e57d741bcabdff928bd4ab654ae6d37514de5ec880db2fc37440ae0b

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d9bf7f335bd5a18e01b4cecb6bbf2c670bb66bc1b492b063454417572c721b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30770
x-xss-protection
0
server
cafe
etag
334 / 19689 / 31079694 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:41 GMT
sid
mug.criteo.com/ Frame 3AA9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=f3xeZXxRd0ZUQVlRejJKeUZkcnB5Nmo2ZVN5M09NcnY2QzRhTk84by9leWNFQ0ZSWkJoZ3Q3bmdOYlhHc0ZYQndkTXljUW1PR0c3a0xRT0l3ajkwdkNqV1hucEZaNkZiczgrYTE0N3NFMlRlWEt0US9pVTYyaUhpQkFUOE...
439 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=f3xeZXxRd0ZUQVlRejJKeUZkcnB5Nmo2ZVN5M09NcnY2QzRhTk84by9leWNFQ0ZSWkJoZ3Q3bmdOYlhHc0ZYQndkTXljUW1PR0c3a0xRT0l3ajkwdkNqV1hucEZaNkZiczgrYTE0N3NFMlRlWEt0US9pVTYyaUhpQkFUOERsM0djVnVmNVk0bHBPdmhibnlaVmE2QmZ4OWwzV2hjZHo4S1FxcnRNVEx4bHI5ZG5weHJQVGVpMUw4Zzh0ZC9WMi84QWtrRmhuNzN2V2tnVElJTUtLWHVSMXhXU1NHaGx0bUFXMDgvN05LcFdvdWZYSmQvdHR2NTRkWktIOWRjM2RET0tMVi9DY0k2Z0lUek43cVF6QXhmSEZZY3ljdz09fA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
34cf48283943ede04c2b5a4c8d17552473d96ac602c6d0427ea10c65feab80f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3574197
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=f3xeZXxRd0ZUQVlRejJKeUZkcnB5Nmo2ZVN5M09NcnY2QzRhTk84by9leWNFQ0ZSWkJoZ3Q3bmdOYlhHc0ZYQndkTXljUW1PR0c3a0xRT0l3ajkwdkNqV1hucEZaNkZiczgrYTE0N3NFMlRlWEt0US9pVTYyaUhpQkFUOERsM0djVnVmNVk0bHBPdmhibnlaVmE2QmZ4OWwzV2hjZHo4S1FxcnRNVEx4bHI5ZG5weHJQVGVpMUw4Zzh0ZC9WMi84QWtrRmhuNzN2V2tnVElJTUtLWHVSMXhXU1NHaGx0bUFXMDgvN05LcFdvdWZYSmQvdHR2NTRkWktIOWRjM2RET0tMVi9DY0k2Z0lUek43cVF6QXhmSEZZY3ljdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
305464
content-length
0
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
85647
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 26 Nov 2024 09:52:14 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=37861465625
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=89939067871
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=60253531098
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e5ae5bb0c1e14f869098287f210cd8100959cc43be70ef96ccdd77ec6c00bec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=72
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
213794966
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b07ef4d47c67d270480af1e1921eff931eaa0621ebaa9b3a0a84dc15c71b573
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T7xetv6wSel1S9Aak9GHsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T7xetv6wSel1S9Aak9GHsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame D556 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:57:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
age
3881
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1069076616100404770
accept-ranges
bytes
content-length
2483
expires
Tue, 14 Nov 2023 14:57:37 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=53140275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=504081704.1701164382&tid=SA-8147095-6&cd4=0&cd8=b&z=508924620
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ED78 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=155631
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Thu, 30 Nov 2023 04:53:32 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DAD8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=155631
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Thu, 30 Nov 2023 04:53:32 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 22 Nov 2024 09:39:41 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 22 Nov 2024 09:39:41 GMT
hb
rtb-eu.andbeyond.media/ 		22 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 28 Nov 2023 09:39:41 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
22
bid-request
a.teads.tv/hb/ 		416 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11a5d5961bf0105ac17236d2003c7d57fea97879f89d4d621ee1bf193a5938ab

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
302
expires
Tue, 28 Nov 2023 09:39:41 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=235
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ 		173 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c&nocache=1701164381708&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a3d105f07541a26fed0c6a15dbc92dc88fc23d519022cdbad1e1c9c4b97bad82

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.39.0&x_source.tid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c&l_pb_bid_id=18edd592541568f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.704886288327156
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d2c3c795baa2b2f2643a148cb175863c0d5e653ca60a26558fe0b91f65c8002

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6ea1b447e88e46b21370c89f65d8cf8ae8fb5904638468e57f006df30d4340

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6elwin%2FJK9XoAYk2nEjwl0ztzXlLrjW7T%2FeQ4x1NG9e8SiIcdbUzqokWGcTkwIQQzfzZyl5A7rbDW3VOow7YdfQHWgta0hFRqBuJuOIHNeqilvgDCxfvWle4pFWiF0gphkxN9Bxh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82d1a52a1fee195e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cf5b33ab5d489294cb53df9ce403bdec785f6e714733f263c2a637130a4a5715
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
an-x-request-uuid
622815ca-0878-45f1-b0c9-93be8a721fd7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		413 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a9dddb84e93b5642ca2ca712395d322f1d7b78fd93765e9004893c53d482ce3

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
304
expires
Tue, 28 Nov 2023 09:39:41 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
PugMaster
image6.pubmatic.com/AdServer/ Frame ED78 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23359717&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d96713d629d34f96fc5648ff5d616564a075f84af24f3fa21aec0b7ebede6899

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 09:39:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AGSKWxVcxXKL1BKGHZncNuPKQEspdyJBmEtXRmc3zk4_-fAMIHS3MLgIqGMCDOJhyxy9rIU0CfgzfAtKtyWGe09Xp2O-2x6JA7_2FESbejnLZLuUlGxSaPJr-0uvScjuaVRjfRh98aR9hA==
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcxXKL1BKGHZncNuPKQEspdyJBmEtXRmc3zk4_-fAMIHS3MLgIqGMCDOJhyxy9rIU0CfgzfAtKtyWGe09Xp2O-2x6JA7_2FESbejnLZLuUlGxSaPJr-0uvScjuaVRjfRh98aR9hA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTY0MzgxLDc0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84efd7618de2b2b5aef333f8ba2496ff5de378ad842bde3f7dcca2f67851b954
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D5jd4j9RsvNoNUgv1rd6XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D5jd4j9RsvNoNUgv1rd6XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 09:39:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
7282
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
yR2s-eHLR8Nz_axz8_Hpd33giQe7tZxGQPKPamqxFrv-KzRUepttVQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Mon, 27 Nov 2023 10:03:28 GMT
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
84974
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
XR4gto1djMKN6P_nfdlhwGOPR9gvAk43LvKvl_dmuDvQXzQgnLmPUA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:01:28 GMT
content-encoding
gzip
age
1535893
x-guploader-uploadid
ABPtcPrkeBTNnr7iwEOQsOO1crWmoZ9iqL2ey0CP8aUBoDmjemJ9aPIOtU-feRiw5Wy2dKUFws4yGGOQFv5l4BNB7C1_dbA4tPMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:01:28 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		156 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb0ffc718150a248851bb00c3a56553d8a0a083b94f32eaa2a854bcd1004e172
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 08:38:44 GMT
server
cloudflare
x-amz-request-id
2TD09CYBT4EXA26N
age
3066
etag
W/"09d8f0d5b8d48e4b8d1d7611a80441dc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82d1a52a9d3065cc-FRA
x-amz-id-2
d46p8yL1oZn4s8Hn0OzOYmo5qczOgsU5lt+Czd8xso1RtmTO4q9zzSDDZDarPo1w12w6r+0dCLQ=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16457
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230058-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SmlyfllXIbnHX6dbx2eGeWhRsSGRkNvRJdo1BhTrEhKyN%2Bcky815yPaz884EOWqDRVsJ1rZtR7wJ%2FkXy2KvWq5MGrnxv%2F7ZHOWjFN6eJVqgrImy9%2FLF6JsdAXO78Ge5FOxATyDjFzDY2vk53EU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82d1a52a7a8590ef-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		720 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1776707198809051&correlator=721320721827763&eid=31079694%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=1&didk=1874942343&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701164381750&lmt=1701164381&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=1427225150&ga_fc=true&dlt=1701164379483&idt=2053&ppid=9ba30a39a14ffec21373eec556ab75a5&prev_scp=category%3Dall&adks=908668280&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bb00acf4880efb28eed53e6dabac625b96144d619d0ed4da1ff7859148f046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1776707198809051&correlator=827659270664416&eid=31079694%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=2&didk=2096832710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701164381756&lmt=1701164381&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=1427225150&ga_fc=true&dlt=1701164379483&idt=2053&ppid=9ba30a39a14ffec21373eec556ab75a5&prev_scp=category%3Dall&adks=345054422&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd627fa4597316586513b71c7a8c3444916e144d103061305003cfed99d0ccad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12392
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452573066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4971 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Wed, 27 Nov 2024 09:39:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUljlmK9TtV0wnWoblaFDaIau135g5md202ipQ4kl6uOCOtFAKQEWPOHYYwXi-BlSbd9l9vdq1PJpjXnIUefNaQzMTJH16FvtS09FlVlnP1yBUR9CEJir1G0qE7F368-jT88ZWodw==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUljlmK9TtV0wnWoblaFDaIau135g5md202ipQ4kl6uOCOtFAKQEWPOHYYwXi-BlSbd9l9vdq1PJpjXnIUefNaQzMTJH16FvtS09FlVlnP1yBUR9CEJir1G0qE7F368-jT88ZWodw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTY0MzgxLDc5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbff698866ede7087892e8cfe85c5bf2ba2f3796d64986c7368f931f5be6d519
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Im7B9pxI7q3qz8sRi4T-NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Im7B9pxI7q3qz8sRi4T-NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=53140275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1310047379.1701164381&_u=AAAAAEABC~&cid=138966829.1701164380&tid=DC-8147095-6&z=1925681146
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.71 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
71.130.151.203.sta.inet.co.th
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 28 Nov 2023 09:39:43 GMT
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
da9dd4e2d9eda2ce4af40e47828d08ab38165d669469dc422b86a47ed4dcfafa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-2nhGQSbbVFVxbIjF/w3hnUmj5rI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 28 Nov 2023 09:39:41 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.sanook.com
location
/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
img
sync.mathtag.com/sync/ Frame 0ABA 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x11 config_version:"1993" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 09:39:41 GMT
Expires
Tue, 28 Nov 2023 09:39:40 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master cdg cdg-pixel-x11 config_version:"1993"
Pug
simage2.pubmatic.com/AdServer/ Frame 8C4D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Tue, 28 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
754757
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A3EA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 09:39:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JJ4AR5A88TQ93V7N1BCE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 09:39:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8GAP10MHMBYGFX6E1MY4
Pug
image2.pubmatic.com/AdServer/ Frame C652
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
42 B
563 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 3AB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2297806412148916301&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2297806412148916301&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2e53073b-61f6-4a98-9efc-6815fa7ef2e9
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2297806412148916301&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3DA0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7306445381536970894&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7306445381536970894&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 09:39:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7306445381536970894&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 7E8A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=34e8b9fc-fa7d-4ee9-bf13-c922729d09c1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Nov 2023 09:39:42 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 90E2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 09:39:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A821
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdGhFN0t5MnNBQUJjUHRid0N1Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AADthE7Ky2sAABcPtbwCug&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADthE7Ky2sAABcPtbwCug&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADthE7Ky2sAABcPtbwCug&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8836778444770321177&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADthE7Ky2sAABcPtbwCug&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADthE7Ky2sAABcPtbwCug&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 09:39:42 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADthE7Ky2sAABcPtbwCug&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D1C5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU628bb0de99634e18b11c999b65ffb898
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU628bb0de99634e18b11c999b65ffb898
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU628bb0de99634e18b11c999b65ffb898
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ED78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vFTgYhkSRwuddufZR1xTEQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=155631
accept-ranges
bytes
content-length
5622
expires
Thu, 30 Nov 2023 04:53:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame ED78
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=&ct=y
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.162
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.14.129
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame ED78
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3223978369
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3223978369
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
via
1.1 google
last-modified
Tue, 28 Nov 2023 09:39:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
via
1.1 google
last-modified
Tue, 28 Nov 2023 09:39:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3223978369
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame ED78
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BC54E062-1912-470B-9D76-E7D9475C5311
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2lkaEcwT1JlUFdUSFdWV1FkR3lubnYwdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3272303205484064919&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:42 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 28 Nov 2023 09:39:42 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM1NEUwNjItMTkxMi00NzBCLTlENzYtRTdEOTQ3NUM1MzEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNUl2If4oXhdNq6Ws-oEpQ&google_cver=1
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNUl2If4oXhdNq6Ws-oEpQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 08:43:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNUl2If4oXhdNq6Ws-oEpQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 09:39:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7466765702092464794
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7466765702092464794
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7466765702092464794
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame ED78 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC54E062-1912-470B-9D76-E7D9475C5311&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uSFVYGJE2uUo97PP_flA0Qb2gSg5lwM-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uSFVYGJE2uUo97PP_flA0Qb2gSg5lwM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uSFVYGJE2uUo97PP_flA0Qb2gSg5lwM-~A&gdpr=0
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
BC54E062-1912-470B-9D76-E7D9475C5311
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame ED78 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC54E062-1912-470B-9D76-E7D9475C5311?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2e8cdbbe6f9216b7&is_secure=true&networkId=17100&version=1&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg03NYY1OQMM5HySAAAAAAA&expiration=1701250782&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&...
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg03NYY1OQMM5HySAAAAAAA&expiration=1701250782&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg03NYY1OQMM5HySAAAAAAA&expiration=1701250782&nuid=BC54E062-1912-470B-9D76-E7D9475C5311&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame ED78
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8081171439538271367&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8081171439538271367&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8081171439538271367&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
view
securepubads.g.doubleclick.net/pcs/ Frame 859C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgajgr7t2i8qpoDOvpabcLGkhApcjwQuiRvTUZrzPa48Dm_f5wVClbP6_KFxrXC4FTR9QRjKjCVG_9XFtGAZU9vpL4Mjjzg5ivSveUiVWDJmZic9_WBfdssVhTJpROGiscZ4CC0S0zBkQTy51Xr2XyaBBZ6iB9lV5FnuP56N8N2HlAviHPOT9laZbw5T3DE55IYfoACeVKUbOibYWPSC939PMtZr9EZvShjoWYxS51tQFnei9FgNzUGhE7FylVJQ_h2Qz0i6EU8dFyC3xvdSD-Lh4X2GjL36h7dUofXIUyhhfWXCfih49qVrmqVAlfxeUytIwMduXnjKg7M0jHHHVDcSZpEOV_9ZjwHHsoCFppDQ&sai=AMfl-YQh6f17p5vz7bB7qS9tXF3G8RmoRL3e7s0ho_4UhYmb0niDHI9vGRHbnaYeZF0n8K3h3LI9ncRC7WHWRP60KoSFaDm2y4xcgFnPMhuUUAaMk4ktjfCj8HtNYB_kWYDuQLg17Unk9STnJOzQOvqca5s&sig=Cg0ArKJSzOjnh4I1jcGlEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 859C 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d81cce3b76dfc9c7fadc623d12df283d45280970ff724c788e4546a6d90fcd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30770
x-xss-protection
0
server
cafe
etag
598 / 19689 / 31079744 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 859C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:43 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=911
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
map
bcp.crwdcntrl.net/6/ 		233 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3c968e05e8c4f75bd654106b4bdff27a3b7002a29cbb8e089b1b0095673d845c

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.0.95
access-control-allow-credentials
true
content-length
233
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1776707198809051&correlator=1398294983267928&eid=31079694%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&didk=498303881&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D897ca9748f165b43%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MZApuoqJB8_uH13FGkFP1mXp-bOaw&gpic=UID%3D00000ce835854c4d%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MadVc1BJqhnf3N54Z_BMF71BAD3Fg&abxe=1&dt=1701164381901&lmt=1701164381&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&psts=AOrYGsnLir3WD_I4BpEiKn1PO_VAInpuNXU0HJoXwGL3hfl71-H52T7XpIfPjpFk3WT5R-66l1qQqvhgiZdDh1Lk-hpmLPhrr_ZNH2DwfMhGCGk7K4ipGOIysHM&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=1427225150&ga_fc=true&dlt=1701164379483&idt=2053&ppid=9ba30a39a14ffec21373eec556ab75a5&prev_scp=category%3Dall&adks=3448326100&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbf50ccfd2d8330dc37e49ceac844ef2a01d7fc1f5d0b9f6753dbe7a54bd4c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25116
x-xss-protection
0
google-lineitem-id
6396071453
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138453859463
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 37E3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Nov 2023 09:39:41 GMT
ETag
"623de86a-cf34"
Expires
Wed, 29 Nov 2023 09:39:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6E8D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
452
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82d1a52b5bd68fe8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Tue, 28 Nov 2023 13:39:41 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 0052 		653 B
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6e7c72506bd86b67b9ee08149c65bb5b97a7e6f1dc44c2bf66b8bebfdfa97203

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
412
content-type
text/html
date
Tue, 28 Nov 2023 09:39:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame AEC3 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 09:39:41 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sd
us-u.openx.net/w/1.0/ Frame 0052
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=DPDVgFjw1tAX9dOHAqfOgw-hgNQXp9CHC_JgGLEv
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=DPDVgFjw1tAX9dOHAqfOgw-hgNQXp9CHC_JgGLEv
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=DPDVgFjw1tAX9dOHAqfOgw-hgNQXp9CHC_JgGLEv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0052
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3272303205484064919
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3272303205484064919
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3272303205484064919
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0052
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TW2M2C4CWQDY9P2Y2EPK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JEPXGWB85KMAVGH2NWYE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=15f6d5bc-2abe-8767-b40a-3e3c21616b1e&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 0052 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4d20a9c1-3614-3c9d-7404-bcab4952a0fe&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0052 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE0ZjdhMGItZmY2My02MjM5LTYxZTQtZTYxMjgzYjA2ZTll
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0052
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIQY-ovI4O86mfTwalTDvno&google_cver=1
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIQY-ovI4O86mfTwalTDvno&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIQY-ovI4O86mfTwalTDvno&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ Frame 859C 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 13:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
74334
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137994
x-xss-protection
0
server
cafe
etag
6213585212225905441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 26 Nov 2024 13:00:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 714D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW5u0O-OyM_qiGulvgi9UD0pHY4afTxuONkRsJRUWpEPbhASM2zo-RG4lt2oBl5KiG58vVAks3uS8MI2DtUF8dnwmH7lHcOoFGsEMj1gAwmH1_moWnOG8XPCUkT2XCKS7arFURIDFGEEyJpSha_cqbGLpv1D2P_IQTkAj6XF6mf1z5sSsvlkWz-G1gUOpBWQweaDq70R1gQKqAufWMvH06GJtqcPtnqVb9c4QZVIXOA1nehUEA0YlMw2CUDbmQPMD8l8X87YdHAITAuyk4_pXqhCxVskooIBIUe5tApBiu8t6Gz8e5WmjaD-uFolQRQfU5jp_xD641nAy4Z2IURZ8RxJmhBO_C9_Ms-qrpoaGR&sai=AMfl-YT8yCyA55ryJnq8PBXOlfkRiiNi5eyhgo8txQGX0DujgtZrezJecVMAigIxB3NU98EFGeeaEGP6lYkWxbNSVHRxlDx3C2ECrNZqo7tDIDz6oMPal7vddgdxbzu6LZwcIcZ7-LA2KuvZtHmXHXpp79o&sig=Cg0ArKJSzBawm70kO08aEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 714D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 10:09:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 714D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
1888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:08:14 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 714D 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:43 GMT
o_1hf3t5b31ji414ceuqk12vb1s05j.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20231113/ Frame 714D 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20231113/o_1hf3t5b31ji414ceuqk12vb1s05j.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6fd68addfad323c636fb7b5883cd465654f05ff993cb8c753ce56499a83e4889

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:00:19 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 13 Nov 2023 08:35:56 GMT
server
Lego Server
age
0
etag
"6551dfec-15988"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
1228277619535044578
accept-ranges
bytes
content-length
88456
expires
Thu, 14 Dec 2023 17:00:19 GMT
l
www.google.com/ads/measurement/ Frame 714D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9982gyxHZBB64cSA85ZOAHxIzFjIT5p9lnNM-qCimeHykWFOBe8tDr6Gio9QiBF95k44DXmrERFUJZpbn1HLrcW7dZg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 714D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cabeb253e4ea8def793cb32a890c1dbf05f0413a8723a7d73c5694049b01b0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame AEC3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 06:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76211
Connection
keep-alive
Content-Length
13230
Expires
Wed, 29 Nov 2023 06:49:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1776707198809051&correlator=935371037296484&eid=31079694%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=4&didk=4218483591&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D897ca9748f165b43%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MZApuoqJB8_uH13FGkFP1mXp-bOaw&gpic=UID%3D00000ce835854c4d%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MadVc1BJqhnf3N54Z_BMF71BAD3Fg&abxe=1&dt=1701164382035&lmt=1701164382&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGsnLir3WD_I4BpEiKn1PO_VAInpuNXU0HJoXwGL3hfl71-H52T7XpIfPjpFk3WT5R-66l1qQqvhgiZdDh1Lk-hpmLPhrr_ZNH2DwfMhGCGk7K4ipGOIysHM%2CAOrYGsm0Mr3Y78lrfTJHHVEgk5GTcUYhKhHpNxw1pWLHmvZgml4Rkr-hjrPdPG10zgWZAC6k2RUc2iysqid-0rrOJv1W7iPxtxbrmux4Vuydzc6-MA&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=1427225150&ga_fc=true&dlt=1701164379483&idt=2053&ppid=9ba30a39a14ffec21373eec556ab75a5&prev_scp=category%3Dall%26pwtverid%3D69%26pwtprofid%3D781%26pwtpubid%3D155976%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D300x250%26pwtecp%3D0.59%26pwtsid%3D368341781994663%26pwtpid%3Dteads&adks=4033539290&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2c9a870b31446dc6a8a7589f13727c6da36d0af861fbbb537b121e8d6f836e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12224
x-xss-protection
0
google-lineitem-id
4682923593
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234012087
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1776707198809051&correlator=3683856818749426&eid=31079694%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=5&didk=3402878631&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D897ca9748f165b43%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MZApuoqJB8_uH13FGkFP1mXp-bOaw&gpic=UID%3D00000ce835854c4d%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MadVc1BJqhnf3N54Z_BMF71BAD3Fg&abxe=1&dt=1701164382045&lmt=1701164382&adxs=0&adys=1811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGsnLir3WD_I4BpEiKn1PO_VAInpuNXU0HJoXwGL3hfl71-H52T7XpIfPjpFk3WT5R-66l1qQqvhgiZdDh1Lk-hpmLPhrr_ZNH2DwfMhGCGk7K4ipGOIysHM%2CAOrYGsm0Mr3Y78lrfTJHHVEgk5GTcUYhKhHpNxw1pWLHmvZgml4Rkr-hjrPdPG10zgWZAC6k2RUc2iysqid-0rrOJv1W7iPxtxbrmux4Vuydzc6-MA&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=1427225150&ga_fc=true&dlt=1701164379483&idt=2053&ppid=9ba30a39a14ffec21373eec556ab75a5&prev_scp=category%3Dall%26crt_pb%3D0.28%26crt_bidid%3Dvppjo%26pwtverid%3D69%26pwtprofid%3D781%26pwtpubid%3D155976%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D728x90%26pwtecp%3D0.10%26pwtsid%3D37e5200094e4d21%26pwtpid%3Dteads&adks=3667654068&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c463d340aefeef0168f4e282d2e294ed65e607fae4644628192c96adef7bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12333
x-xss-protection
0
google-lineitem-id
4362651294
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138245638452
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
avd.innity.com/dc/ 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=4bc4b60b4a1238275f489ebd63ce05a7&cb=1701164382050&douid=&sess=205122069.225.1701164382050&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:42 GMT
Last-Modified
Tue, 28 Nov 2023 09:39:42 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=4bc4b60b4a1238275f489ebd63ce05a7&type=cookie&itmcb=1701164382050
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:42 GMT
Last-Modified
Tue, 28 Nov 2023 09:39:42 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
async_usersync
ib.adnxs.com/ Frame 37E3 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
an-x-request-uuid
9693b5a2-2b0e-4717-b744-6c6cfc8b8735
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21ce6cb6df889bfcc5b718c5be12035124e27cd082db3fac9e9b645cf01a1b9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82d1a52c9b65195e-FRA
content-encoding
br
content-type
text/html
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YT8Vwrlag7KMSoaUpDnQgDPAL1xzHPaYBA8Ycau0RfWB3epf7nG6YFNVKGX5I%2F7wwY%2BaE%2B7Sj4f02yga590uVRPwJru1qFuqtkwPnG6nTKVrpoSzFlHsQXsDtNyhyWLUHv%2Fb7P97BCCAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82d1a52c3aea195e-FRA
content-length
0
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
0
location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8oHncWknzHZr%2F2GsPCL8fCVpbY0Up71I3hBLlP2TnljVOznZ8tu8nS06%2BF46WjwTG%2BaA51ucuMG%2FxRgHWDTKkMgp9LKO%2F2amF1lpV15N7EwVv5Or462ZNNW6DmRtW%2B%2BSu3ILsrYTzKDbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sanook_thumbnail_1200x720(2).jpg
s.isanook.com/fi/0/fp/392/1961681/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961681/sanook_thumbnail_1200x720(2).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
00d8c42cbca8a249b0ffcbf3ec62a66eb533ec4b952c2fd09b8051353b0eed42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:07:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
303
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
5509506823450293321
accept-ranges
bytes
content-length
11202
expires
Thu, 28 Dec 2023 09:07:34 GMT
sanook_thumbnail_1200x720(1).jpg
s.isanook.com/fi/0/fp/392/1961613/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961613/sanook_thumbnail_1200x720(1).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
86130af3b528206d73fe22fd80a119507fe1c1f6b0cc6946a0ce8ebb1821103d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:57:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
66
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
7551589497114973460
accept-ranges
bytes
content-length
10337
expires
Thu, 28 Dec 2023 07:57:58 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1961501/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961501/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
46d0a73a1843aa2d81341b6e1e10fdc78b84f4a8438e0a71cfde6c532f7f4a73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:41:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2086847571477367027
accept-ranges
bytes
content-length
8666
expires
Thu, 28 Dec 2023 05:41:18 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1961505/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961505/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
779227a82c0f4205323dab8bd4c4767bb90a7283aedccd59620b169f41e1897f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:46:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4050830860725515345
accept-ranges
bytes
content-length
8707
expires
Thu, 28 Dec 2023 05:46:38 GMT
khaos.json
token.rubiconproject.com/ Frame AEC3 		7 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
15.jpg
s.isanook.com/fi/0/fp/392/1961669/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961669/15.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0031bfa16aed3b634e7497fe63cd4b52fc3da7d39d671505535ce5bea6d1d35c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:23:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
17800731154394559510
accept-ranges
bytes
content-length
11734
expires
Thu, 28 Dec 2023 09:23:07 GMT
3.jpg
s.isanook.com/fi/0/fp/392/1961665/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961665/3.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
782a2b9f3d56c694ea581f46f075d8fdb343f61359ff43bf62e53acbaa9fd272
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:45:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
3492681899085590993
accept-ranges
bytes
content-length
10774
expires
Thu, 28 Dec 2023 08:45:53 GMT
peter.jpg
s.isanook.com/fi/0/fp/392/1961649/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961649/peter.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
de75f444078a5fd5e4d8ea3ee8ed9d888bf10ed5fc3b0fbe432ee66ef584b0cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:25:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
1720689250359620522
accept-ranges
bytes
content-length
8549
expires
Thu, 28 Dec 2023 08:25:54 GMT
15.jpg
s.isanook.com/fi/0/fp/392/1961645/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1961645/15.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3e493da1be1cceefedfccc43c12499f50ffe5ddf4bc76eeac417d97ae29283d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:15:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
395
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
1188357081194474254
accept-ranges
bytes
content-length
8282
expires
Thu, 28 Dec 2023 08:15:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 859C 		932 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4383154952573800&correlator=146989835804814&eid=31079234%2C31079744%2C31079525&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D779d8a5abf6be51a%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MbHFx0T2rPGLn9O5JimYHxRpXxznQ&gpic=UID%3D00000ce8367e14ec%3AT%3D1701164381%3ART%3D1701164381%3AS%3DALNI_MZokbY7vWMwtEbNv9-GIHt362L62w&abxe=1&dt=1701164382146&lmt=1701164382&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=owhgp41ghdfh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=138966829.1701164380&ga_sid=1701164382&ga_hid=192133720&ga_fc=true&dlt=1701164381844&idt=259&adks=178697795&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0481313c647cbd585c8c414faf161ae3a39d9ae44d064d0eb043bc0538daa29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98047
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BFF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
Wed, 27 Nov 2024 09:39:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C348 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhmAriFW0B69kM9EIBV5Rs84PzcNxTeKwYaYor9ksWdDJRH-g6xPFVrRxrvpAVUKVFn3B6i9ZDIa-fbA7Ms6YMZtpRNX_NAS__i6FiwM6NY3XyfX1MppBZKhAIzYEX1gLKraaZDyaXOvdmxiE6x4JMOr4LZTa-4XdsfUj7drAdnLkjmApS1uBo3kxBimK9hLqERA2bab-OOJkU5fHJ9Q1Kgj6xOE68VUu_GzgG3ybq43VzkW9Jvhq1TZn0fvbu1Lw_yVAP9Lv5RmqUfmxsI-CX4Ui5Gg2NEJztsavpNiULvYFHeIMEZbtJXB52_P4dKvFuccicKOFR_vKB6Kh83fvrEv7HiM5e6XhZA50QUfW4xv8&sai=AMfl-YSDY2bAwSPsh_rszIs_7uJbEdH9QJySh6TkME4M72T-FD8Q4-g0Qgs5B_4aEOw8D8Im8ceKDHbpc4-_cMN2GpqS5nRXBN1zCe-ldrsKCVaRl2pmgViZLZVvAleFZKhmX5qNmtU9zwAtuFYgjmWZUng&sig=Cg0ArKJSzKwJFiH_mtKAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ajs.php
ads.eu.criteo.com/delivery/r/ Frame C348
Redirect Chain
  • https://cat.nl3.eu.criteo.com/tpd?dd=HRQYTl9rJTJCcEIwQmFic0RsYjZLNTdyVGZjVDRWb2t1NmE2ZXE3cTkybFNQOWpLcmJPcHJoNFFQOTBLSVRzbUpBOGlnMkpXblFXayUyQk1BSThjZGY2TEtJUW1uViUyQjdMaUhHM0tHVkUzNTJHMURsSWpuQjRY...
  • https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7cZp38KVXALq08%2fYrXhhotVqVGreU3Bbu0P%2ftVbgbY0JY%3d%7c&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfN...
52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7cZp38KVXALq08%2fYrXhhotVqVGreU3Bbu0P%2ftVbgbY0JY%3d%7c&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A&r=https%3a%2f%2fads.eu.criteo.com%2fdelivery%2fr%2fajs.php%3fu%3d%257CZp38KVXALq08%252FYrXhhotVqVGreU3Bbu0P%252FtVbgbY0JY%253D%257C%26c1%3dJrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6b701945f719940518b28b5d00f105ef61e13f408f354b64728fc98639e59837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5053143
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
location
https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7cZp38KVXALq08%2fYrXhhotVqVGreU3Bbu0P%2ftVbgbY0JY%3d%7c&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A&r=https%3a%2f%2fads.eu.criteo.com%2fdelivery%2fr%2fajs.php%3fu%3d%257CZp38KVXALq08%252FYrXhhotVqVGreU3Bbu0P%252FtVbgbY0JY%253D%257C%26c1%3dJrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aIKEfNKmem9S1txPRYROydC60nhI_pOGga-u_21zC701UDFP5FxKdBM1G0fEVqd3w9j2Byj51QLHChOxtHWtwxxQ_ro8pjpR8Yluo_ywkgJR9AKbLrettRQFAxbvSuOZNOgKvpzUPPZWmYB53uSCxIJ19NDmbNb4bGNZeQ20XmxBU_s0xHPYrZmZCCan5sLRkcK5kTY4hE79MgITQvaV33hRBC__v-rXF0ZlJWoPPFD9NWf-As6UBDG6LdA6tu8sine9I_3RFptBJxSbiisscvYsTi7he28g2uGHw5X09FOXM8h84Y7Ib0dazYmAlPjBy5E240h3W_IP9PQKa9bObBwbR1toJYUEbAnJYgCHlE9wyJhEbIIazwXgFs_7hEynNF_jZHE3JGm8a9SYGcpWqefKurmbIWfh_DJohjijh2eaoYsErp8w7H-UJWmJZr1aFahgMgq0mBS66Rb46KrSsVpke7QcD2pOUAa_5sMEFJQgDqdmWA957oVbpDFaqfRY2CH3vYm4SCkSPkVIuj6jdpJp7HuVaPmY5A
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
244599
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
ret.php
apps.sanook.com/ Frame 236F 		0
355 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sanook.com/ret.php
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.150 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
150.128.151.203.sta.inet.co.th
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
26
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 09:39:44 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Vary
Accept-Encoding
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C348 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:43 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame AE99 		378 B
539 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
173d4dbc8dfc752205eeba25c72f4d262b61c89e3b1dbce5a8054da4bb0972ef

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
234
content-type
text/html
date
Tue, 28 Nov 2023 09:39:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
dcm
s.amazon-adsystem.com/ Frame 73DF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWW1XqgCJJeb8b4xiLm-EQAADPoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KC7VY3AW7KQRD9A1CA05
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 73DF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWW1XqgCJJeb8b4xiLm.EQAA%263322&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWW1XqgCJJeb8b4xiLm.EQAA%263322&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c7382279c93b475bb09b3965236bdf39
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7382279-c93b-475b-b09b-3965236bdf39
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%3A1701164383.462388&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D51cd3fc4-832c-4d9d-b60e-9e46e32d...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631020937674&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D51cd3fc4-832c-4d9d-b6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=51cd3fc4-832c-4d9d-b60e-9e46e32d4b07%3A1701164383.462388&_=1701164383.4649334
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY1MWNkM2ZjNC04MzJjLTRkOWQtYjYwZS05ZTQ2ZTMyZDRiMDc6MTcwMTE2NDM4My40NjIzODgQABoNCN_qlqsGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIdacZGkMPwzx7cLyIFmQgE&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIdacZGkMPwzx7cLyIFmQgE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIdacZGkMPwzx7cLyIFmQgE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWW1XqgCJJeb8b4xiLm-EQAADPoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPU_ETXcKcf4oUz7q9_1tMY&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPU_ETXcKcf4oUz7q9_1tMY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgwf1o5goHzsiK7JGmM5JEbaQqIHfBfgauJVgVdt1j14z2nkThDHwZVgowftLK4mRDhqjzhoytBebnm1AL%2F9QWEa0iWL9RI044Hg7uPsbnLyFThCRAZx3kSJaYkrKQ8%2B%2B5wzbix00MqFlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a52d2c5e71a9-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPU_ETXcKcf4oUz7q9_1tMY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWW1XqgCJJeb8b4xiLm.EQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKhPjNxzvLHgTF12nq98Jm4&google_cver=1&google_hm=2
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKhPjNxzvLHgTF12nq98Jm4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slGXSl5RZ9Fe5ofaO%2BqoFLMgSU%2BR%2B2wcq%2B8FIgeso%2FhW8k1v7xf26bQD7YRkp%2FlzSlbpEep7c1Xqst2Rc7pvNqD6e%2FIP1C5rDOE%2BrWloyLqm5V%2FNxykzusV2bWfuCz4Bz1P5BrkBPPg1GA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a5331af971a9-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKhPjNxzvLHgTF12nq98Jm4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 73DF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2297806412148916301
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2297806412148916301
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Fxw3v%2FPSXN2idxNo2NUNOsM6D%2FSwMB8XIrvgnEpd4y%2B4F9EQuH%2FFOi9s3iwMul%2B1O8HSWe9B0RDXx5zWcX2GqulBwozEjWbBleKVhXMza4yZAuT4Ii8%2Fh5sMr%2B3P3%2Ftj3GFtwwGeExHrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a52d1c1c195e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
an-x-request-uuid
68b06d66-0912-41cb-925c-ec8bbcca3ef8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2297806412148916301
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dindex%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=index&user_id=k-6fSC6RzRZeG-5trsCc-TqzTi7iXnmifdC7G0AA&gdpr=&gdpr_consent=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&us_privacy=
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UZx6hlhXoKsMR2A6czKWHVWw%2BArchrOXlT7omuMA82f6rOgDL2kJy01WnRyBDBazA7vBYArCWnXDjL5tFh5EfxBOOVEu2Cs35zNlqd%2Bl2iz%2F5dyiEzPQ10rmYrN%2Bbi7C4JvGB6Q"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a5332b94195e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=779824a1-9984-450a-b204-92613bcdcff3&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame 73DF
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3553230e669a16b7&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIEe3Veb_CQgNthJxrAAAAAAA&expiration=1701250782&is_secure=true
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIEe3Veb_CQgNthJxrAAAAAAA&expiration=1701250782&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhM76mqzehLuhTxT3alOSR2YxFbCC0UPCKyICuuViCweu0PCMdGtIFtRt%2BaR%2FHMoa%2BvaOgFyR%2FPW7gzClour8n0EQbsndluq6%2B7wdKDnue3EzuvqXyyLrPCLPCYn0AmeqMpGaiDj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a5332b97195e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIEe3Veb_CQgNthJxrAAAAAAA&expiration=1701250782&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 73DF 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZWW1XqgCJJeb8b4xiLm.EQAA%263322
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24285
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82d1a52cfd4e8fe8-FRA
content-length
43
expires
Wed, 29 Nov 2023 09:39:42 GMT
sd
us-u.openx.net/w/1.0/ Frame AE99
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=knAKLyoyX0tzy3brmzysSMPOaYI
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=knAKLyoyX0tzy3brmzysSMPOaYI
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=knAKLyoyX0tzy3brmzysSMPOaYI
Date
Tue, 28 Nov 2023 09:39:42 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame AE99
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Zt2gk8EZwiEUg4yNZn5RkA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2d4c4ceb-f833-e946-c320-d6cf4a30a663
pr-bh.ybp.yahoo.com/sync/openx/ Frame AE99 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2d4c4ceb-f833-e946-c320-d6cf4a30a663?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame AE99
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=779824a1-9984-450a-b204-92613bcdcff3&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=779824a1-9984-450a-b204-92613bcdcff3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=779824a1-9984-450a-b204-92613bcdcff3&gdpr=0&gdpr_consent=&us_privacy=
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame AE99
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=bukZcnx7IHaSuXAsuVQma_kuMRgIqcWZWMEDfGKBxDM&pi=openx&gdpr=0&tc=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=bukZcnx7IHaSuXAsuVQma_kuMRgIqcWZWMEDfGKBxDM&pi=openx&gdpr=0&tc=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=bukZcnx7IHaSuXAsuVQma_kuMRgIqcWZWMEDfGKBxDM&pi=openx&gdpr=0&tc=1
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT, Tue, 28 Nov 2023 09:39:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudZ7FF1MhacqCykPdk3VjoFTMpzX2O_701-64uzjqZcQ2aCSaL74GGERcBjN4yhw-sIfHQlt-z-LS2iAz9aC-Kkt2_0R21hpkCbZGaF-_EZ3MjMNWPwAFs093Y5Q4krKhWVv8RrD7ESqdlSiXRMnMcNx3SVy2LTBoIr_qZhC3MWDjyUxZBCTsuas2MW0F3dlUZqMigPQHc9EWbL5H6Ql4C-Mzw2GjWEDhAVX8skRpbCTQnhD_R_qXmplx0H9xvFny1S8RLhVLiPKmVt922IKH7iHwwsJDPIRxyLTbSkEno2OUHul4e1bGhCVXXwsjh3a3_q9FMeX7vkHylAA&sai=AMfl-YQVaqnQoZVbUjSAFgqR7UXrsj0w5TNaNoyK9d8kG4Ixjncoa-rLK9W41j-jAwqHwULHiC3-p1YOk6o22FJ6DX6txJiVtH7EEX1BpuzhbO6oIc0qZUYzuDQNVPQViw&sig=Cg0ArKJSzMbGWSEbs6xMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
rtbdemand.apiip.net/api/ 		229 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f142b877300869b45a30cdaecacb048afe2f9395d8fc1b30b62edbf766599262

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e5-EvQOF7xKGkWWyAUVCUzpp1auEzM"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
82d1a52fce66228e-CDG
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:49:05 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3037
etag
W/"08899ab5b5f986f64974630ad47b39a1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Wpvs9WkYAvpABBmIGoQAE306Ix_BhJV-cdDadn2SnHjJY6kMNtAi2w==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
2720
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0F95 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:43 GMT
setuid
px.ads.linkedin.com/ Frame AEC3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPI5CLTC-P-1QZY&us_privacy=1---
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPI5CLTC-P-1QZY&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 155ABFA6A8D442F895D81C2A9050D98E Ref B: ZRHEDGE1221 Ref C: 2023-11-28T09:39:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLMzLGZeGT7P0YgoaMDQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPI5CLTC-P-1QZY&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AEC3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRhMjMxMjA4Y2Q2MmRjNTM4NWMzMzMwNmZlMDE3MzgxYzU1ZTY0MQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRhMjMxMjA4Y2Q2MmRjNTM4NWMzMzMwNmZlMDE3MzgxYzU1ZTY0MQ&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRhMjMxMjA4Y2Q2MmRjNTM4NWMzMzMwNmZlMDE3MzgxYzU1ZTY0MQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AEC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKP9VX_P_umrWZt-MBtzu1c&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKP9VX_P_umrWZt-MBtzu1c&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKP9VX_P_umrWZt-MBtzu1c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AEC3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-Yfy5oiBRTm78TObPbGgWw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-Yfy5oiBRTm78TObPbGgWw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-Yfy5oiBRTm78TObPbGgWw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J2KD2CKQBRM8089E6HMT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-Yfy5oiBRTm78TObPbGgWw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AEC3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FON69EQIiTOeshRPa0cOBA?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd5p15VE2oJaf3OSuR1n1Q8pT0.msgRM7z1LzA--~A
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd5p15VE2oJaf3OSuR1n1Q8pT0.msgRM7z1LzA--~A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd5p15VE2oJaf3OSuR1n1Q8pT0.msgRM7z1LzA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame AEC3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBJNUNMVEMtUC0xUVpZ&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEyY9p-6PcslmVtogoeq8dY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBJNUNMVEMtUC0xUVpZ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBJNUNMVEMtUC0xUVpZ&google_push=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBJNUNMVEMtUC0xUVpZ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
ecm3
s.amazon-adsystem.com/ Frame AEC3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G6R7oSSVRNeiYo0gdMzt4Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G6R7oSSVRNeiYo0gdMzt4Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G6R7oSSVRNeiYo0gdMzt4Q
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W1TFZCG4E2DG0MMJQDAR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G6R7oSSVRNeiYo0gdMzt4Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame AEC3 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LPI5CLTC-P-1QZY&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPI5CLTC-P-1QZY&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WB1EBWR2FR3580E0ACJ0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPI5CLTC-P-1QZY&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AEC3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADthE7Ky2sAABcPtbwCug&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADthE7Ky2sAABcPtbwCug&expires=30
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADthE7Ky2sAABcPtbwCug&expires=30
Date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPI5CLTC-P-1QZY&us_privacy=1---
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPI5CLTC-P-1QZY&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPI5CLTC-P-1QZY&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
setuid
ib.adnxs.com/prebid/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPI5CLTC-P-1QZY&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPI5CLTC-P-1QZY&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
an-x-request-uuid
5e98b140-8c16-46dd-b19c-e94e507c6c08
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPI5CLTC-P-1QZY&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
liveCS.php
live.primis.tech/live/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPI5CLTC-P-1QZY&us_privacy=1---
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPI5CLTC-P-1QZY&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2600:9000:2251:aa00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1XX2PYR5BGaqIVZ_plGXbP2f6egEH3af7V9wJdMyYejZGUupcNPumg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPI5CLTC-P-1QZY&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LPI5CLTC-P-1QZY&us_privacy=1---
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPI5CLTC-P-1QZY&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPI5CLTC-P-1QZY&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AEC3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bc3d8cd-fb8e-4def-ad19-4199cb1c55c3&expires=30&us_privacy=1---
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bc3d8cd-fb8e-4def-ad19-4199cb1c55c3&expires=30&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bc3d8cd-fb8e-4def-ad19-4199cb1c55c3&expires=30&us_privacy=1---
Date
Tue, 28 Nov 2023 09:39:43 GMT
Connection
keep-alive
X-CI-RTID
b9a35139-2521-4a07-95fa-950f48a601b5
Content-Length
164
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame AEC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82d1a53569c51c9d-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPI5CLTC-P-1QZY&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82d1a534f94d1c9d-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.231538080705219
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce--0-S3DD-Ft-To_zqC_zdTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce--0-S3DD-Ft-To_zqC_zdTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.440346234111487
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8crqJ6gO73uB0zAsGhJPmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-8crqJ6gO73uB0zAsGhJPmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 37E3 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
an-x-request-uuid
e4a243be-ffd8-4b94-a67f-1aa6b7e17c63
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E675 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:41 GMT
expires
Wed, 27 Nov 2024 09:39:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame E220 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=143900&cb=6565b55d7333b5fe0c5ce113ef3e088e&r=https%3a%2f%2fwww.sanook.com%2f&crossorigin=false
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28d3f29efc6a614d78b1cae2d456ff25833926ee5bcadaeefabd0eeebafa161f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2832269
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame 2C8D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jsswHGLR4Qf3i5uhOe1p-a6GUJh1-6_-rFJ4s7rLyOJu9Snc74q1YLdnMZsCRNrLqbqfaM22g3c9jvUbWYILn40QyhhxPvcfqqP5QqHCIuvOUACzrF8lPJTb9zEl1nsuwXRAfYwWb-hGz0wQkzvOaBywmoPU6vsZoHuN9j4q11r7TbXwtaQkiW9fjIHrrpL9mXeMTLaZRuiw_EQrzb4AOujUzts8ZXUyBJpgH00Bisd4Oa0uk3EG4ntrBTmf3vFVyo0cDg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2C8D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Nov 2024 09:39:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2C8D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Nov 2024 09:39:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2C8D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 22 Nov 2024 09:39:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2C8D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 22 Nov 2024 09:39:43 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2C8D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=gO7M5i7SnzfL9ikoSpItrd0brDnSJcmUR04y6toPEYnvSYhG9ghxPSzJtcmnyiKlQLzWlAVE-29SG1pUAjS4zK28rxKTPfKqu5vcbsL3F55va0U3cUlBzhdr3svqSCD-YKysoywo6VnD_ppUQu-6gf6PPKHcRpMOXY0XRhFzlZ958OxOqC49hCgAXzdVEVTmSB-OQfHRayG68l7Cdr_kBIh7DFcRB_yMPT-owAG7jfPt4gDfDaq77VAc7fuO96brlEaEtSB4wMIQf079ot7HAv0ghvAyqIPGZ2-Qna1yxsXDxxXUv_P9j8pJY8nuI-N0yB8U_r8WA3DeE0M7HmHp5Qk3WKS64-sarRCmxODs4K8l1O1KYXYJfuPgoc-MeD4tjkK8KViE5AmABqW6F0a2WQjQSEqxAoNLKi0bfp0J9QvSwXoaJ7hFMYqDHQQcmJIwEKBwrw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2464216
expires
Mon, 26 Jul 1997 05:00:00 GMT
92faf279269d4762980acf2b893351c6_image_ad_728x90.jpeg
static.criteo.net/design/dt/41417/5120359/ Frame 2C8D 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/41417/5120359/92faf279269d4762980acf2b893351c6_image_ad_728x90.jpeg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
389aa1b469496e9ef1237d7b1c132191f148e5137c538d9b5e1857c9581a2c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 20 Nov 2023 07:51:40 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"655b100c-ac3a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
44090
expires
Fri, 22 Nov 2024 09:39:43 GMT
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2C8D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Nov 2024 09:39:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2C8D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Nov 2024 09:39:43 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E675 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
603020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Nov 2024 10:09:23 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/69/ Frame E675 		2 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/69/pwt.js
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 07:17:09 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=24930
accept-ranges
bytes
content-length
252083
expires
Tue, 28 Nov 2023 16:35:13 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E675 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 09:39:43 GMT
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
804cd20ce0af8849bc9045ee74552987bb854dc3b51a38ab7cad6c4825495771

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:32:26 GMT
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
437
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
6LBDvPX5luFTi8ZqLGoyZJ1JPOBiEH2EboePzxvqymXstxcQRKaxTw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:29:51 GMT
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
14992
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
qEnWgoXGexigw3ei1D5j0yTs_3Wr3X6oASxY9Le7EePEf-OWIQDcqw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 05:23:52 GMT
x-amz-cf-pop
FRA56-P6
age
15352
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
lc13FyX9-WMEs19Z9H6JLtl8pDlikhGPi6BT3lSyCoe1t50Pr7iNqA==
AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K5s02VQPxiEy51B-MeTpzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K5s02VQPxiEy51B-MeTpzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 28 Nov 2023 09:54:43 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
12653
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
tQ9tc4p_xfDpLi4Gv-iSre4qxlk6srKAWrfMMdp5S3-bRYdicEIWYQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
3131
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82d1a5344d9d9b98-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4de63384da5e10bec84c04e5e55e923ed23830e6c5d76289a7479c76d81caf8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 08:38:44 GMT
server
cloudflare
x-amz-request-id
EW2DAEPD7Q3GX3BZ
age
440
etag
W/"6f0e14bce189be4a7ac2b5faef347378"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82d1a533df0365cc-FRA
x-amz-id-2
hVptbu/OILdczhDQTmLXqgB0I06T7HwQKnSPqLSNIP17ZeisJwksiP3GSrlp+Eu03j4XMgY+jYlWOy7fjXDhhQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 714D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss99ySXbxJvFrE0Dz0BbCe8EKz5r-lDVWcc408oRewtMrypvrsauzyeuYCZ0U8jEqZvOzGF2ExD68RzNgZ-1vBPOtGdXWflxDzG5dgtuYeCNV-yxzgO8g3qoQi0HDn77vSDR5P8GXIfe0wmyrHjP_UKue-ZMWvV25g52TmctO9yHH3kU8e7XA-MHzdR2V0vRuC8B1MONkaqP70knWClZ443oEclKlYhJn5nN7EYFq2rOO8OJBUDjdWG3D8pLpHeoY6XdJZMXPDTzHzvdsO7bAGBzWCyvtCg4TkFnLf5l9Jtzki_IlAupNbopdE0-4ouzmYTJF6y50ifyGl1DsfTjum-fGylfNGpnWDqvrtPXUx7i2Q&sai=AMfl-YRlr48DuGRkD6aGNDVEBLuVIyjW-rY1Xt656X8U4vGFSkkFPyTGPY9l4PDXv0smY4oerLVaLD45JO8UgrVULoe20pJtFi0oI7dgFlKQXrTwdKJN-mVbsH-fA9_KFO8osVJ2CK0OptT7GxKvLDFyx3Q&sig=Cg0ArKJSzBHIjdgkulKnEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 09:39:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuipEhnxAq8iL_MYSIzlM2C2yjXEHBe4jxKSy4TD6VRXLsMEckIZaAZ1AukhYnylHhKDouEzdqPjZDfFsr12JOeR7xB6JZIbs0pn-nN46hilXxD9NSjMvJHAfcqcFALHr7s9brb5S7S9qNGSkDak_-hsQ8Xc854EgvfO87bMgwGQyR--tOXvv008dXcVLCczdjxNI0qc-CKV1810JpjteMAACUH05Znf1L_zU-Yg9fArKcL7oWLsWspsk7rXJyKYgytMvPYnLKVEeeseglmZQjT8iu7eTXnlEKCv2agjNjvr_LIg_KYUz1s0DnVMQ4xp2kDY-nVz3Csd_7oHdf3&sai=AMfl-YT6L0gqZU-yT5PDxlYENggtO0DA3oNLp7bHdBmOQiJ-BbpJyUezJo1x49krNuJsJgoyrvzJIYCfvf0dwDAZLVDfUX9Lr2qwS8fk6aX87yVnFPhx33bUjc-lE8geBQ&sig=Cg0ArKJSzInLXyZIX61OEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 09:39:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 859C 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35962b82d6aa1c34a608c2d94a6d200a39b2b30d943cd64fd538ccf5ee81738a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12484
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 859C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutBGR0Cfhes2mAr714LwnZNb1dzJv_KH0LeV6iRU9BbGH9maezni4hPHuHkGnP5-DqbK_IWRwORBjaIgrQI5EqWYTRsUj33ydLAsemFo1rdS37omT1EoG-VXigDzzTRMHyZLhRO9rcg8SPDVZgX5yJTiMdFlpoW2V0LPeab-FlumN3joHut5tsuIBE6GB09xOUHo6A8d4irbVOSZeuuiY_q3qwIP8RbQy6kDIX-ckKj65-oONUfQEuKL-kgh7pLYZgtJ6fln4rxth1NQOS5y-11oCz5fC-kIYaJq9aI1r4eVbiI96akEnHwk7OEu2xm46VTFhBjSeIG6G_Q4qnF69-nR_F40YuKO9zVFTfin_XiATG&sai=AMfl-YTKZkKgb7JSbgM0j_sdyqOqEkfiykTrH8fuKgUCdAyr2ti8tG2uQ03A0hRw4msSZNo1aqesyb3cjvGy6m29jznBoSzThVkGaJc1V36Eor_qWjO5ECt4HEwEpp4YeF0l_eiC0hleKKqbqZ1oM19mxQk&sig=Cg0ArKJSzKsHakZJriXWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 09:39:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C348 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueV4mGmW_qdvew4CDGkHV6wejwRSLwO1G5PeF49nCgAoQaWM9QZzFhm7JnUKl794IXQXB7O66JWlOF_vslB3z-umicrbbz21HdhhbqamNoirYGtQQ6G08wx6g2CTavUAgr-woxP7EBxnoDwYsrCB92QYura3kenQ8GgkzFpFUoSel0UeKg7Q9XLH_vv-ftsdsyopwCKPKv1H7fR-PX2UzvqL36RhHUGartoVPDqpZgzLXGqtZB_X3c8mfJWKerLQaymOov50NcpJGCI4jRvK-wCsMzeLmWcnw6EaDGwSd9n6X0cIJbrUmgFOxTcA1Fzf1Od0DBmOf-D2YlcEfuybN5aL600Am1IbVQflWVFdzMh2GStg&sai=AMfl-YTUMduT2j09j77a1pKotyGQNq-jom5g-4afUoCP8CiWzrqV1QGFOjLTuNynsp8dGJxViKJoRHXayAwWSbTPwC9Mp0so3a68XjO6yk-2yxrwSB5Xl44fClgU1Vqgy5CJnoybJBkgRbo8eTC2pT-Cqoc&sig=Cg0ArKJSzN9c04yGRR66EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 09:39:43 GMT
truncated
/ Frame C348 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb77bf58d1d05fe9dc161d7746355df1dbe888253ae685d1bb9b476c945bda72

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E675 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8lEXwNYNItRBAOvC6UM-FO_nzy0MRsF6G8lSiXDSBsxJdRBlZ1T7WIZN-nL9wUJjbvupkN95zikDvNko-c3hgDld7Bqh1Ig16sFr7eIXQCceA5yZ3osEi2Mso1N7dXOjGTrjRMoHd0DRE4IY_oaN_Dj90JSCTV8T1KRAJFCky3oMoZQrEHpKZ_-gkMRK9r1KqyNu7hxZeFZfFo4N-Ur_6Sqb-RMpR-b4KDlI_w2F1tdmWRVRrs6NIKSnlZ0fRr_JZzy8Qm6mQJGo_LKW3VXxtsqyyFDAzAsOVMNUvyJog95IoO1ecZ4VYj33gR9lQN2od1mDzi0t7s54QfM9nFq_suhtbN8kBxWkBJAGUWyKPL28GgpxYjnKF1EFVAPluz_qV1z3n&sai=AMfl-YSX7MOH9NKsyi7Ie2OkFDFk6r1x5tr_S0_wl3KKTm1afNomsrgBLxw4kUPPvHFo0UwbKi1F12Vvjbm6fuMUitx4Kssc7hyxErB15nAqnQmXIzPUHhlnRgXo3xVeAWs_twitNUEUb3NSZZ9g055n-so&sig=Cg0ArKJSzLnUuHG07cKGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ Frame E675 		369 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/69/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e

Request headers

Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 14:33:46 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=10885
access-control-allow-credentials
true
accept-ranges
bytes
content-length
208
expires
Tue, 28 Nov 2023 12:41:08 GMT
geo
ut.pubmatic.com/ Frame E675 		12 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/69/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0dda36c3e57d741bcabdff928bd4ab654ae6d37514de5ec880db2fc37440ae0b

Request headers

Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
truncated
/ Frame E675 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d7a771ff2400141dadc3aa20a3685677d41761b15fed5921b771ce8653237cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
prebid-custom-richaudience.js
rtbpass.andbeyond.media/ 		602 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
9RS60E4ESVW64HVV
age
26
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
190838
x-amz-id-2
Ma1H0/Ffn3qRW9D28FhNvouBktCPR7ftx71WiuvoYMyIJhhYjHNoFCmbuY4QEeE6GZGpfq/Rx6o=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Thu, 14 Sep 2023 12:35:17 GMT
server
AmazonS3
x-timer
S1701164384.525478,VS0,VE1
etag
"5557f783869e27322374ad505b755076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FE1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_cm&google_hm=ay13YjNSUVJ6UlplRy01dHJzQ2MtVHF6VGk3aVZDQlYyU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_gid=CAESEA2b1XQxgCkhtEpQb2PkeH8&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_gid=CAESEA2b1XQxgCkhtEpQb2PkeH8&google_cver=1&google_ula=913071,0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
563294
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wb3RQRzRZeG-5trsCc-TqzTi7iVCBV2PZtKPbQ&google_gid=CAESEA2b1XQxgCkhtEpQb2PkeH8&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame FE1A 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-6fSC6RzRZeG-5trsCc-TqzTi7iXnmifdC7G0AA&expires=30
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FE1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2297806412148916301
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2297806412148916301
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1392693
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
an-x-request-uuid
d2ff7bf6-96a6-4d48-baeb-701fca8e0c00
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2297806412148916301
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame FE1A 		42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZhH19hzRZeG-5trsCc-TqzTi7iUQQFIKPWFmCg&expires=30
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame FE1A 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-dUvyZxzRZeG-5trsCc-TqzTi7iWnjjPDSCAe5A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FE1A 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ShedVBzRZeG-5trsCc-TqzTi7iUOEofBCZFbhQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29717
um
criteo-sync.teads.tv/ Frame FE1A 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-ZIqADRzRZeG-5trsCc-TqzTi7iVomVYO9u41Dg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 09:39:43 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame FE1A 		37 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-1XBA9BzRZeG-5trsCc-TqzTi7iVv5WqtrZsxow&dongle=013b
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame FE1A 		0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame FE1A 		43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-NG-KKxzRZeG-5trsCc-TqzTi7iV9sgdh6g0xTQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
last-modified
Thu, 26 Oct 2023 07:49:04 GMT
server
nginx
accept-ranges
bytes
etag
"653a19f0-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame FE1A 		49 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-78CgjxzRZeG-5trsCc-TqzTi7iU9RY5k4_2Nyg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.121.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-121-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame FE1A 		43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-l2nxNxzRZeG-5trsCc-TqzTi7iUNAdRvs3yqUw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M075x2ECOfuw8HajXD9tbN4Q%2F%2FjgwuBcrWH5A0gdj56eu2Zu3URA%2FZdukN%2FSATyyEIA4vJYy%2FfOqMgi5Ubys0qUPyQgTtxyWJoUlbiyVCFydyYCK4Ok1biY5Cy6p1%2BVJV2iq"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d1a534cd97195e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame FE1A
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
52.19.222.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-222-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0c9232abe.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Iu1mcoklT+Q=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0be504dcd.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
iJ5lFcXFT+o=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=w4IM7_TOrWsc7Plhbv9YrHBuNH8SqwdQ
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame FE1A 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-hAiAXxzRZeG-5trsCc-TqzTi7iX9hF9_bcVf9g
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame FE1A
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
52.51.80.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-80-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Yc_VlhzRZeG-5trsCc-TqzTi7iXS01GVywoc9w
access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame FE1A 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-7eXvARzRZeG-5trsCc-TqzTi7iWiPDBe--f4BQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame FE1A 		0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-iWB5MhzRZeG-5trsCc-TqzTi7iXQeUBfpR9Wcw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.49.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-49-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame FE1A 		43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-jwZDmhzRZeG-5trsCc-TqzTi7iWsrUlzsXgCqQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.29.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-29-250.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame FE1A 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-uWoieBzRZeG-5trsCc-TqzTi7iX9eT91ceP9tg&initiator=partner
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 09:39:43 GMT
Cache-Control
no-cache
X-TraceId
870720785cbf1222e1f740df9b862c7c
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FE1A 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-h-YwJRzRZeG-5trsCc-TqzTi7iUIuCphxv9TFg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame FE1A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-pdXvhxzRZeG-5trsCc-TqzTi7iWe4GsgqOgIcA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
sync
criteo-partners.tremorhub.com/ Frame FE1A 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-IRKkuBzRZeG-5trsCc-TqzTi7iUy14QOBIsZFA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:d5ff:1540:2e33:3aaf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 28 Nov 2023 09:39:43 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame FE1A 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-BuIymhzRZeG-5trsCc-TqzTi7iVmyv8NtbL-cQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:43 GMT
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame FE1A 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-HK-JLBzRZeG-5trsCc-TqzTi7iXbAwI30n_B3Q
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 09:39:43 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 27 Nov 2023 09:39:43 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame FE1A 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-_yai0RzRZeG-5trsCc-TqzTi7iVHVv-Uwx25XA&pn_id=criteo&ext=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
put
e1.emxdgt.com/ Frame FE1A 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-oZ5kXBzRZeG-5trsCc-TqzTi7iXInMZur8ldaA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
server
awselb/2.0
4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3
a.teads.tv/hb/ad/ Frame 8AC9 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/69/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf00f4b3f23914a25418443d07ab92a8b4f5371f9c11aee9968c6808259659fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3466
expires
Tue, 28 Nov 2023 09:39:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 859C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 09:39:43 GMT
wt
t.pubmatic.com/ 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wt?pubid=155976&purl=https%3A%2F%2Fwww.sanook.com%2F&tst=1701164384&iid=ecebf407-4275-4a66-a110-308e51e17ca3&bidid=12c4e00a783ea39&origbidid=12c4e00a783ea39&pid=781&pdvid=69&slot=rgpt-reca-4&au=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&pn=teads&bc=teads&en=0.59&eg=0.59&kgpv=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca%40300x250&piid=&rf=0&plt=1&psz=300x250&tgid=0&orig=www.sanook.com&ss=0&fskp=1&af=banner
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
hadron.json
id.hadron.ad.gt/v1/ 		95 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41f23564b873959d15cb6e1a3b1bd018944ce85bdffbad3174263a83f296523

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82d1a5369ccf5d7f-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82d1a535bb8c5d7f-FRA
content-length
0
content-type
application/json
date
Tue, 28 Nov 2023 09:39:43 GMT
debug
OPTIONS block
expires
Wed, 27 Nov 2024 09:39:43 GMT
server
cloudflare
cksync
hb.yahoo.net/ Frame FE1A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rYno5bV9kRTJ1R1cuWlY1TXhTT1A5OGpFRjVKdnExY35B&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&dpid=58301
52 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rYno5bV9kRTJ1R1cuWlY1TXhTT1A5OGpFRjVKdnExY35B&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&dpid=58301
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
23.48.23.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 28 Nov 2023 09:39:43 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Tue, 28 Nov 2023 09:39:43 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rYno5bV9kRTJ1R1cuWlY1TXhTT1A5OGpFRjVKdnExY35B&ovsid=k-3sEcPRzRZeG-5trsCc-TqzTi7iX2au8uth1JGQ&dpid=58301
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D858 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:33:16 GMT
expires
Wed, 27 Nov 2024 09:33:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DBF9 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0cf004117ade7226726d2823803695d466d5786317b01927153b26b2a35cfb1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lOE7eWccPZ5sDWvuXnnsfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lOE7eWccPZ5sDWvuXnnsfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:43 GMT
expires
Tue, 28 Nov 2023 09:39:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
teads-format.min.js
a.teads.tv/media/format/v3/ Frame 8AC9 		585 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
598732a6af28f89288b8ec8b36472cc19265e29e78cea0b4510beba858cbb78a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
br
last-modified
Mon, 27 Nov 2023 16:18:21 GMT
x-amz-request-id
Y1X3ZWHWXDP82D0A
etag
"f54eed6009bfd3c323d4a263b2ed34bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
7
accept-ranges
bytes
content-length
136263
x-amz-id-2
DA0PsOFdYBwXH/Vx8YhIDLdaFZb60/69krh/rml5k4DEILJ1mBz7ZG1NZ1gxDELJ+yhZ2fJ9q5s=
expires
Tue, 28 Nov 2023 10:09:43 GMT
setuid
ib.adnxs.com/ Frame FE1A 		43 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-v8WfDxzRZeG-5trsCc-TqzTi7iVCFFSzj-ExMw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
an-x-request-uuid
958875f4-278e-4065-877a-2d35a3616f63
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:f400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Tue, 28 Nov 2023 05:59:23 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
13221
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
kZmoKVfMRDnSVdMP-zAYeCdHAK2Ia1mihqkuubqE_-XLHCq7gO-YMg==
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D858 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
6517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 07:51:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DBF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=4383154952573800&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=177687&pageId=162967&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&pscid=15682&psid=93252&cost=kqSxmwYpkbkwNPmqv5tkN-s3&cost_curr=USD&analyticsOnly=false&brid=7119&mrs=prg-710&ad_source_id=199&dsp_campaign_id=3196062&dsp_creative_id=69875459&fms=9&p=WtfQ3j5AopAF1gyMZqPdX4mEsSlJvEVxuAV5hVlLGUCXtg&cts=1701164381927&cs=444317136995601588505&1701164381927&slot=native&hb_w=300&hb_h=250&fv=1291&ts=1701164383721&referer=https%3A%2F%2Fwww.sanook.com%2F
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
sync.teads.tv/ Frame BA05 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
375e8cb13ece612a31299d7712eca87078cf7036dfe9dee523c3e23d00c5c9bc

Request headers

Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
741
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 09:39:43 GMT
expires
Tue, 28 Nov 2023 09:39:43 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-sf&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&pageId=162967&pid=177687&hb_provider=prebid&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&slot=native&pfid=42&fv=1291&ts=1701164383724&f=1&referer=https%3A%2F%2Fwww.sanook.com%2F
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame EAEA 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
teads-vpaid-display.js
a.teads.tv/media/vpaid-display/ Frame 8AC9 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/vpaid-display/teads-vpaid-display.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53495588f47cea67569704214876b368a3577088677cd91617007616fac9cccd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
br
last-modified
Mon, 27 Nov 2023 16:18:39 GMT
x-amz-request-id
E0E9EMZD9HJGPFPJ
etag
"41bb655461ac7132d056292560475566"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
7
accept-ranges
bytes
content-length
24291
x-amz-id-2
03jbJmLUdyxbTlLhUnFAVPWvWlQNjYyJPlqVs5mazPAKwa6RyL43xYjcmwV8bgd6adXP9SPZWr8=
expires
Tue, 28 Nov 2023 10:09:43 GMT
truncated
/ Frame 8AC9 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
202359
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
225835
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		151 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
67f04d7efcddbcbbcce55ab30e16e171e26a01ae546b19820a869dffa0995547

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.27.234
access-control-allow-credentials
true
content-length
151
expires
0
rid
match.adsrvr.org/track/ 		63 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
ef186bab99bb7eff46355b30a4055472c5a74f428785a1833882a15ca4116af6

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 28 Dec 2023 09:39:43 GMT
iframe.html
a.teads.tv/media/vpaid-display/ Frame 95BF 		1 KB
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/vpaid-display/iframe.html
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/vpaid-display/teads-vpaid-display.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224

Request headers

Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, must-revalidate, max-age=1800, no-transform
content-encoding
gzip
content-length
529
content-type
text/html
date
Tue, 28 Nov 2023 09:39:43 GMT
etag
"64d4092e60a5fd0516a2673503a37dbf"
expires
Tue, 28 Nov 2023 10:09:43 GMT
last-modified
Tue, 15 Feb 2022 08:41:27 GMT
vary
Accept-Encoding
x-amz-id-2
G95wV5G4yABrYt5ytL7uBW4IjpNVDRmymPBHe5nXC7nz/C+8cyuaO/iOvM8NHQV61k6WkKMgUQY=
x-amz-request-id
88GYX8JH553FF6NC
x-bucket
7
track
t.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-sf&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&pageId=162967&pid=177687&hb_provider=prebid&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&slot=native&pfid=42&sid=421436&fv=1291&ts=1701164383791&f=1&referer=https%3A%2F%2Fwww.sanook.com%2F
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&mediaFileType=js&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&ad_source_id=199&dsp_campaign_id=3196062&dsp_creative_id=69875459&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&revenue=z4-78CoVOIfKxz9gb9KmgY8O&revenue_curr=USD&analyticsOnly=false&fms=9&p=MjuIws6x5fxm0gDOcPmhXAeVzh73voYLsE8XZVSorxjf82aiyOx24AcGPAGuypQjPao&cts=1701164381928&cs=667759676783835744705&1701164381927&slot=native&fv=1291&plft=apa,apnf&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.sanook.com%2F
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-sf&pageId=162967&pid=177687&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&slot=native&pfid=42&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1291&ts=1701164383807&f=1&referer=https%3A%2F%2Fwww.sanook.com%2F
Requested by
Host: cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
URL: https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f4bb6c152c06cdb9be9ea4e80e4862f3feea51ba5d7121de4295320d232d44f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usermatch.gif
beacon.krxd.net/ Frame FE1A
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7RDazquOY-1p8NNpxrqHzALGNGCh4_G3
0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7RDazquOY-1p8NNpxrqHzALGNGCh4_G3
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1701164383
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7RDazquOY-1p8NNpxrqHzALGNGCh4_G3
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
675429
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D858 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S02oMA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame ED78 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/adfscript/ Frame 3CC6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69875459;rtbwp=1.3502689900377405;rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2e55e38aa861959f897fed3d681696c8195fd7d305b25ff5599bf02add3c5138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
976
expires
-1
617.json
id5-sync.com/g/v2/ 		251 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
8e7531845e993881dbcfe417866a4ff602262056b57fdbe8b5486b7f9ccc9324
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BA05
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Tue, 28 Nov 2023 09:39:43 GMT
generic
match.adsrvr.org/track/cmf/ Frame BA05 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame BA05
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1701164383804
  • https://sync.teads.tv/um?fp=1&eid=80&uid=c6920cf0-6cdb-4a7f-81d4-ff8475321b7f&gdpr=0&gdpr_consent=
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=c6920cf0-6cdb-4a7f-81d4-ff8475321b7f&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 09:39:44 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=c6920cf0-6cdb-4a7f-81d4-ff8475321b7f&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
534798
content-length
0
expires
Tue, 28 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame BA05
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/6b4c9fc0-2013-4aee-8331-5036f857e766?gdpr=0&gdpr_consent=&_t=1701164383804
  • https://sync.teads.tv/um?eid=132&uid=y-GgQl0.JE2oTUYddviD9DL1fvBFc7zvajaoM-~A
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-GgQl0.JE2oTUYddviD9DL1fvBFc7zvajaoM-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 09:39:44 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-GgQl0.JE2oTUYddviD9DL1fvBFc7zvajaoM-~A
content-length
0
/
loadm.exelator.com/load/ Frame BA05 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=6b4c9fc0-2013-4aee-8331-5036f857e766_eu_ch&gdpr_consent=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame BA05 		62 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=6b4c9fc0-2013-4aee-8331-5036f857e766_eu_ch&limit=1&gdpr_consent=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 28 Nov 2023 09:39:44 GMT
content-length
62
content-type
image/gif
474599.gif
idsync.rlcdn.com/ Frame BA05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/474599.gif?partner_uid=6b4c9fc0-2013-4aee-8331-5036f857e766_ch&cv=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.pixel
aa.agkn.com/adscores/ Frame BA05 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=6b4c9fc0-2013-4aee-8331-5036f857e766_ch&_tid=6b4c9fc0-2013-4aee-8331-5036f857e766&gdpr_consent=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.22.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-22-54.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame BA05 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=6b4c9fc0-2013-4aee-8331-5036f857e766_ch&gdpr_consent=&_t=1701164383804
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n010-dub-prod.krxd.net
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1701164383
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame BA05
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=6b4c9fc0-2013-4aee-8331-5036f857e766
43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=6b4c9fc0-2013-4aee-8331-5036f857e766
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Server
54.78.136.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-136-71.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 09:39:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=6b4c9fc0-2013-4aee-8331-5036f857e766
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Tue, 28 Nov 2023 09:39:44 GMT
report
sync.teads.tv/um/ Frame BA05
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NmI0YzlmYzAtMjAxMy00YWVlLTgzMzEtNTAzNmY4NTdlNzY2
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=177687&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&1701164383723
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 09:39:44 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b936c3a9493926be31cf3379e6b47212304d97b744c142522f57e13f038f72f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 28 Nov 2023 09:33:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82d1a537ef281e4d-FRA
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 3CC6 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69875459;rtbwp=1.3502689900377405;rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
cs
s.thebrighttag.com/ Frame FE1A
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=TBHcwu7WZXS41D0yeVDAm3Wml9Ncx4OT
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=TBHcwu7WZXS41D0yeVDAm3Wml9Ncx4OT
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
3.131.216.228 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-216-228.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
x-bt-requestid
0fe21f31-8dd2-11ee-bca8-0000ac1701a3
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=TBHcwu7WZXS41D0yeVDAm3Wml9Ncx4OT
date
Tue, 28 Nov 2023 09:39:43 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
844520
content-length
0
liveads.
fundingchoicesmessages.google.com/f/AGSKWxWOOWzN0Ogzc1hTlUHHp76AFipUG5i6JtE09JYmwjy5w16y-AaExF9QPiJAlnMD6587t1H5uEpJRuD6bymEx15Bbp2C9IPHwOhLQb2fwwpRpgJT6ofUJES7y9HQl3QtXUY_Bj4aTQowiQstt9jqHdVR6JEDi... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWOOWzN0Ogzc1hTlUHHp76AFipUG5i6JtE09JYmwjy5w16y-AaExF9QPiJAlnMD6587t1H5uEpJRuD6bymEx15Bbp2C9IPHwOhLQb2fwwpRpgJT6ofUJES7y9HQl3QtXUY_Bj4aTQowiQstt9jqHdVR6JEDirB6Swft9KIm3m94iMccpumFSYHrkEPr/_/ads/468a.-ads/728x/layout/ad./adzoneplayerright./liveads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0832d3e0e2966c6aaf17eaddddf183c6b777673b7bc8e261de36b03c1fcbcaa4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ndFCOxDo5qd2Aw008zaPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-ndFCOxDo5qd2Aw008zaPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
1734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 10:10:50 GMT
AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OHD2d1YeSgf2OxC2Fd4A9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OHD2d1YeSgf2OxC2Fd4A9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bvIB_rvl3dMGr5kTgJ6Qaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-bvIB_rvl3dMGr5kTgJ6Qaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sc4gcCbukr2uxEH2hF35Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-sc4gcCbukr2uxEH2hF35Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5B9TOdCQ4sN5o92Rqf7Tpsrx4Q8KuYakF7bNSCY7Z2xpkgYflGTpk6OJ3BtYV9O6zJhkdFYgLp3X-rSThCOywlivm4axxfhCDbOLPtYcdTHF1iK-vkAjBWIHyKvf3Dcl5jawHxQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RWFMx_9ZTmyZinPoosRDiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RWFMx_9ZTmyZinPoosRDiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXqIgRtzwoLxRyqai0rJvzKRU-BCFSjg2IS4QJEEvtRJMwi5_ejhi1nGf8_zDPjVvnbNc4MCdvlLjqdeiDNipsAyJY70ERMgZoi7DmARbsWUqS4-rnGi-4web0p66qDQsV5HtrY9g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXqIgRtzwoLxRyqai0rJvzKRU-BCFSjg2IS4QJEEvtRJMwi5_ejhi1nGf8_zDPjVvnbNc4MCdvlLjqdeiDNipsAyJY70ERMgZoi7DmARbsWUqS4-rnGi-4web0p66qDQsV5HtrY9g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTY0Mzg0LDk1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMCw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b60f715cde193239756e037cbecc99fa97ca2d8928e259336177c7ce204cb333
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--77LYXQ0Jl4j1ytJQkn6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce--77LYXQ0Jl4j1ytJQkn6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 3CC6 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=69875459;rtbwp=1.3502689900377405;rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0;js=1;adfxid=1x;8880;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.sanook.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e161aaa7e830debe303b2082ee4db2b3caaf552c17f5d324dc581f512221fda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3531
expires
-1
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
AGSKWxUHc3X3DsjF9D6fHz5AsNbZaQJFeftjhDDamwZ36UDkrlp23GZvlxyJT7DmS3IkcTBdcBB947IZDYOAdfDAE0zntmx9iUU__j3DaCy3_XBVUnszczurb6ekEU2xYq87n5LXRttARQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHc3X3DsjF9D6fHz5AsNbZaQJFeftjhDDamwZ36UDkrlp23GZvlxyJT7DmS3IkcTBdcBB947IZDYOAdfDAE0zntmx9iUU__j3DaCy3_XBVUnszczurb6ekEU2xYq87n5LXRttARQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AsuaQyKqkc6VAmw1yKaIdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-AsuaQyKqkc6VAmw1yKaIdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 3CC6 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E675 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz2QC-LHEGLGhB-hnviaF6OiwHKjIXvPeng7-O3Szh6q5Jk04VSOTNlI0rIsc2BaISVs4YtWW8Nc9jytd5PbfOkTOu5yTMDZpIgh9XIn_yyyIk9KCka23-wpGpkfSqZ2LfVd6qYzQWSQv_lP36ChGUbjfemJFjudHRbQp-R9s03lFBx6JjsjqTJ4EHQZrwSg7dciU7mM8NR4JINgp212tDdiQT5Jx1CcrK_VFxEMg4bYUZu8NIOdg_5V5hscLQyVk6V9E-mEZeMdDa6btEDvyUuU9ywIHH9OY3a79JbaCSNN04xkw95H8j0FpVeu-ltlALEfVFCzBv3Ci4xZCWjcHEBvV2DiNhidnV6DH-KTcwM3soGCsmWPHyEeruz9qaspQ44IVWiBU&sai=AMfl-YSH-DMA4IpB7iYSdwPV3Zm7Dw0SlHIBu8vRePeeToa3hCU5x0mEVQfGKFIZeB0vaFfCRmbhygNeTxqj14Uz4GDGGT5URiKeWl8bl9eesDVStJ88foz18xCpuMtb1GdTiE88O7wPI12E7Y7x1wAdUvQ&sig=Cg0ArKJSzPage9LgNRz-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 09:39:44 GMT
/
track.adform.net/csimpr/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69875459&csi=-7pdXZsD8aY-_EG0-tC82hp-TZrM_IZH5x2-nENigBceZ5LxeijmhQu28utQIpdB3TXkrpyJ4p7RyjT4QlmoZrn_2jUT2bozvI6k0N8iwsU1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9153529.js
s1.adform.net/Banners/Elements/Files/2012709/9153529/ Frame 85AD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2012709/9153529/9153529.js?ADFassetID=9153529&bv=2049
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2c52269df31048138642b05b8ea72ceeeab9d5b3e464c26f7168681d0c726d41

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 05:48:13 GMT
server
nginx
x-amz-request-id
tx0000088444002507ddde4-006563ce00-32959e94-default
etag
W/"2bda412ab9e001a601090464bc83b85a"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar
pagead2.googlesyndication.com/pagead/ Frame 859C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=4383154952573800&bg=!i4iliMfNAAZxrfrxUa07ADQBe5WfOBHEGHIYEP8uYItQ-4mIZLhSFSOmSySQ_SnKiMNc4BkYU2iQSsetDWj1jlNp0UXhAgAAAFVSAAAAAWgBB5kCzu---7XY6JOiVeujOq5HElWjFuR7lKUiJun5yyAHSiaxNi5BtCFq9JXXYohFR5b-_Zgb2ixsM4L_B6mKK8bnZbSeHEEKCJaGzmCPefYT9_7u-FQLWk2k5HbkQfGGGOP3XGe-ewA1GZGnxf0fsK9GSezhM73vOSUtYqMSocXhDSh7a7i3wxqkCi5EuYG4X2v99euNs9VhDk2F05f-9_XKQdpqcRIV564NsiwOlpccE-FcCc_xJciYCsz578KlPvXV0PCF_v5RpBg27NjHIrZ2m6K1zGF0zyWczjQEpZrxWQczrQS2NxKWt99dJRY4uTkR5vBZCmPuKhxWk-TUlILmmxUbZm3ZRjbbvHFITa4xEvzane5MYjVorLY8NnNwZcPRaeDRT_RBsY8-XQxre84mGko0isMygDWY7EYZvXv-USVmRuDkHXu79r1bdwHy-sjJLj5di_aB4PUvYpYUVKNH4JFiKQsqVYshP-b0ZrQOKv08djOxM2z5qrLgtVP-upWtKeQGjtAQBAm-RW1UyEXB80LsMtyAJoiHm3cl0ZvTiNZle-_JeOaNM1w16YBgVPe4iyFt2JjjYwfXLij0ANYQ4Y0Cg8xS1bBq9tNTD200JxwU2u3tMQU2_hgsm9BUR6Rzh6zqih_LSFJXUq06yTlabr-_yCel5MR7Jc1l33B0C-vm54dq5lPPLHEZMGj-ER6ZO5NZJ-lLoAra7j0j5LrYYpcT-59FoNR_8WIPlN_Ydu1Wiy1Iq6gA4F1mONqC49JIiPmzdQpF7YmTOd0xn5nnOSP9fjtZ8sbCfYWMAg1MRhWByX3cfv8XCXyCLU-WUHtd5RBm_x9UZ0ivHAugrH1HCWSuULoWXAZvkgJs5CfKCjofT1Us6pB4kYM4C7aRzJwO2aYb84GWWOTumOyK3MLjY3S-rmX5W0EcMmxpaBzaVb_d5R6e9hb074lWjVW2sUE
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 85AD 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx000003200605ea56ced66-00655c671a-32959ea8-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.FlexGallery-1.js
s1.adform.net/banners/scripts/components/ Frame 85AD 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/Adform.FlexGallery-1.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b6db9fa9496af49f62411e9f34276419859821a07655f975f8e513f0020379e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:56:29 GMT
server
nginx
x-amz-request-id
tx0000080ebe814fbf5e334-006385f1ea-329373d4-default
etag
W/"ee01ca4f3f4d9554c2f9feb5ef8dc259"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
index_fb73d568a8cb9a6a8c05.js
s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/ Frame 85AD 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/index_fb73d568a8cb9a6a8c05.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dafeba77f9e1cb5475d5783eab65b1b22875210a7a3407e428588be09bfa4f6f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 05:48:13 GMT
server
nginx
x-amz-request-id
tx000007f90631a42750040-006563ce01-32959ea8-default
etag
W/"10973de52fc6f7486a5c6f9e2e62446a"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
activeview
pagead2.googlesyndication.com/pcs/ Frame 714D 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-J7tV93vkjMUzTBzamlbf9mtArE4YVxFI3G85Mh_zwOxrdMgr2YSOOpqKhEP4r1Qeqi0gzwFxl_403z41RqzPg0hs5bzVIwzqIfqquuCjogzRNY2RzmMzAAD0hB8ajvF88WEHG1rZUA&sig=Cg0ArKJSzDVU3UxQzU-uEAE&id=lidar2&mcvt=1000&p=0,225,90,1375&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3448326100&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701164381993&rpt=1348&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.FlexGallery-1.css
s1.adform.net/banners/scripts/components/styles/ Frame 85AD 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/styles/Adform.FlexGallery-1.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/components/Adform.FlexGallery-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45a96d79c3d1efb7e227b4a23d40a3184e69296a4aa1563de5b5ec9179a3d6ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 12:05:31 GMT
server
nginx
x-amz-request-id
tx00000cbcea16c26584ec2-006385f1ea-32940f80-default
etag
W/"3863c66e33bc91dae3a74d52c23ab763"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
tgframe.html
cdn.taboola.com/webpush/ Frame C712 		530 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/tgframe.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

abp
62
accept-ranges
bytes
access-control-allow-origin
*
age
82
cache-control
private,max-age=14400
content-encoding
gzip
content-length
290
content-type
text/html
date
Tue, 28 Nov 2023 09:39:44 GMT
etag
"279913f0b9685fbf713832b8a94e8140"
last-modified
Tue, 25 May 2021 10:44:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
Hy07k+4/BeI9QQdhTCdN3BSbJb5k2vxZL8qmLsejqIW6/vBsrt+kiKcSebuWTOFMSntM6dwnhv0=
x-amz-replication-status
COMPLETED
x-amz-request-id
AXQFH466HMKV07BK
x-amz-version-id
eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230118-FRA
x-timer
S1701164384.441616,VS0,VE1
nr-rum-1.246.1.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding
br
via
1.1 varnish
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=300
x-amz-request-id
DFZWV2Z0W8SVTMQ4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
Y1o02ngYS9GSyYMTnZfNaLkZYF2Ng5U3OSMDbFJSoDOKwl98j5i58Sjtuv4hjeJbfl3Ks/nLW3I=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 31 Oct 2023 15:33:55 GMT
server
AmazonS3
x-timer
S1701164384.499572,VS0,VE0
etag
"04fdba12d14ecd22e6ac743bca4e0072"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
557113
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ab6c17b95e47fc6688982ee28ad157ba27f0e3ef1a463b2715792c34f0384ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12219
x-xss-protection
0
85574e59a812c1d5abbb760afbe9be76.woff
s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/assets/ Frame 85AD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/assets/85574e59a812c1d5abbb760afbe9be76.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3936054dfba8afc25f50966384b7652eebb1a7e99af1d2b0b05d66c448b937a6

Request headers

Referer
Origin
https://a.teads.tv
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Thu, 26 May 2022 05:48:13 GMT
server
nginx
x-amz-request-id
tx0000035c962b699baa6b8-006563ce01-329558a4-default
etag
"85574e59a812c1d5abbb760afbe9be76"
x-cache-status
STALE
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14912
6e796fd4dd31f0a1b0d5fecca0026554.woff
s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/assets/ Frame 85AD 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2012709/9153529/bvpath_2049/assets/6e796fd4dd31f0a1b0d5fecca0026554.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
455059cfa6b8b8c8fd464634346d5425d31704ead8bc2edd781d409b7fe170a9

Request headers

Referer
Origin
https://a.teads.tv
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Thu, 26 May 2022 05:48:13 GMT
server
nginx
x-amz-request-id
tx000004e9dbb71f084dc30-006563ce01-32959ea8-default
etag
"6e796fd4dd31f0a1b0d5fecca0026554"
x-cache-status
STALE
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33028
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f4bb6c152c06cdb9be9ea4e80e4862f3feea51ba5d7121de4295320d232d44f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 09:39:44 GMT
v3
id5-sync.com/gm/ 		319 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
bea009c9830ecb3678ffe9bca52c39add63548c44abda970ed22cf783e772dbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
8f062114d3
bam.nr-data.net/1/ 		40 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=7033&ck=0&s=0&ref=https://www.sanook.com/&be=1985&fe=4957&dc=1701&perf=%7B%22timing%22:%7B%22of%22:1701164377496,%22n%22:0,%22f%22:641,%22dn%22:1272,%22dne%22:1272,%22c%22:1272,%22s%22:1521,%22ce%22:1759,%22rq%22:1760,%22rp%22:1986,%22rpe%22:2195,%22di%22:2211,%22ds%22:3684,%22de%22:3686,%22dc%22:6940,%22l%22:6940,%22le%22:6942%7D,%22navigation%22:%7B%7D%7D&fp=3508&fcp=3508
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 28 Nov 2023 09:39:44 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
82d1a53bfb6590da-FRA
Content-Length
40
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:33:16 GMT
expires
Wed, 27 Nov 2024 09:33:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C958 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
845cdf71d942ab02d1889c6aff6a2bbaa384c70f097272900bb9e5e4c8bb5b10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vCgQllU70BSAwtsKh20DiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vCgQllU70BSAwtsKh20DiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:39:44 GMT
expires
Tue, 28 Nov 2023 09:39:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0C41 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
6518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 07:51:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C958 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=1776707198809051&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
10919036.jpg
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2cc75f01d2068dd0c212759aab59ca81c9ac1b42c5ae136c076586f6f588661d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Thu, 26 May 2022 05:47:50 GMT
server
nginx
x-amz-request-id
tx00000b239095eb44ad4d0-006563ce02-329552a5-default
etag
"87fe462702b9500e1d2e96a8b4dbe800"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23309

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/10919036.jpg?assetID=10919036&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
13977583.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2ca9e311e9f3f2ba5a4c4cffebe62c9292f27887d3d48ea4e0d2a7d443741805

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Thu, 23 Nov 2023 09:12:09 GMT
server
nginx
x-amz-request-id
tx000007134c92cbc35ea5f-006563ce02-329552a5-default
etag
"77929014178bd23978f842a3a495fadb"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19628

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/13977583.png?assetID=13977583&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
12286594.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27466c07ad57e286770fd8ad900aac51df818685f0e134ab890d8692c7174a08

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Fri, 20 Jan 2023 14:45:27 GMT
server
nginx
x-amz-request-id
tx00000aff8eb9bbe876f23-006563ce02-3295f919-default
etag
"a693fd4aed01c7ba8cbdfc0592150ac0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18169

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/12286594.png?assetID=12286594&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
13973395.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1
54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88f926a23425cba8a243ae6da41cd2bdc89896f2aa31ca1ec776d8b9f092a022

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Wed, 22 Nov 2023 13:23:43 GMT
server
nginx
x-amz-request-id
tx000008f48f11b3e78e151-006563cdfc-329552a5-default
etag
"92cfffe6df427d74a207aa7e84899497"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55236

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/13973395.png?assetID=13973395&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
13977584.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2
  • https://s1.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2
61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d464db80aa9b93727bd559950ad128858761a829a1f7c35a996093096ce611e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Thu, 23 Nov 2023 12:38:53 GMT
server
nginx
x-amz-request-id
tx000000e0e894580728ea8-006563cdfc-32959ea8-default
etag
"542801ec2d8e632e34c04fdca902e7f6"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62352

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/13977584.png?assetID=13977584&av=2
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
13973393.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5b081291930d26712fc6d2fa06c9c66e13086d8734fb3c6c868f058737a47043

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Wed, 22 Nov 2023 13:23:43 GMT
server
nginx
x-amz-request-id
tx000001c78f4faa053a069-006563cdfc-3295f919-default
etag
"49207fadd9ef7f49587b3b04b9e9c4c7"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
43534

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/13973393.png?assetID=13973393&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
13973392.png
s1.adform.net/banners/Elements/Files/2012709/ Frame 85AD
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1
  • https://s1.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1
46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1
Protocol
H2
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9940aa698f6c244e473e4c08da70cbf1f19ae9c39accc13df0f787223d84b39d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
last-modified
Wed, 22 Nov 2023 13:23:43 GMT
server
nginx
x-amz-request-id
tx00000fcf0895633d2cc17-006563cdfc-3295cc06-default
etag
"a30d94146556dfc82869e71821e335e4"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
47265

Redirect headers

location
https://s1.adform.net/banners/Elements/Files/2012709/13973392.png?assetID=13973392&av=1
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
/
track.adform.net/Serving/Event/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=69875459&event=1&time=1&baid=61473002&asid=9153529&name=First%20Frame%20view%20(300x250%20only)&imprid=3887631773675998107&icid=3272303205484064919&eData=-7pdXZsD8aZ0hOrh_KoCqv2fFJfQXw3RFVTtKkqvlBkJDwKV3Zer3KhxuwbMr0MD7vna1xRzLkl4UqEv4ZKcv2QBbo50IEXs0&rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0&rtbwp=1.3502689900377405&rnd=932007241
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 0C41 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0AQsSw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame DAD8 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5223468&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9ca7727fb1c6976ff4781468794f60a563b77b33c0a0e4d53b18a1f9a43cb3aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 09:39:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 09C9 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 28 Nov 2023 09:39:44 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 3E21
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWW1YAAC8pVjGgBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 28 Nov 2023 09:39:45 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230136-FRA
x-timer
S1701164385.952591,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 28 Nov 2023 09:39:44 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWW1YAAC8pVjGgBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230136-FRA
x-timer
S1701164385.843152,VS0,VE88
Pug
simage2.pubmatic.com/AdServer/ Frame A891
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 28 Nov 2023 09:39:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 1819
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 09:39:45 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame A1B4 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Nov 2023 09:39:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 7E23
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7517368090351806467
42 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7517368090351806467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7517368090351806467
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame DE1A 		43 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Nov 2023 09:39:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame AE67
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631020937674
42 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631020937674
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 28 Nov 2023 09:39:44 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631020937674
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame E6AE 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 09:39:44 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-c404d8e2409d@version_1.577
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame B1F6 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame FAAC 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame E553
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5ed92b046b2ccc35/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7fc7991411a53506ef1d6353dc1f2c6&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVnQRXhaWUhXjjjYV&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVnQRXhaWUhXjjjYV&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVnQRXhaWUhXjjjYV&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame 10F0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82d1a53ea834bb3b-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82d1a53d4ee3bb3b-FRA
content-type
text/html
date
Tue, 28 Nov 2023 09:39:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2849
pub
matching.truffle.bid/sync/ Frame 3AC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 09:39:44 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame A270
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1&gdpr=0&gdpr_consent=
1 B
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 09:39:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 28 Nov 2023 09:39:44 GMT
expires
Mon, 27 Nov 2023 09:39:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1DA1F0AFECA740B28A374C19B15380E1&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame A0ED
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1701164384870
  • https://ad.turn.com/r/cs?pid=45&rndcb=4111091465
  • https://sync.1rx.io/usersync/turn/8081171439538271367?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 28 Nov 2023 09:39:45 GMT
etag
RXb20348d169264cc48f4ab98f1a61cfb9003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame DAD8 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BC54E062-1912-470B-9D76-E7D9475C5311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82d1a53d5ca15d99-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame DAD8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:44 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BC54E062-1912-470B-9D76-E7D9475C5311&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame DAD8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BC54E062-1912-470B-9D76-E7D9475C5311&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:44 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DAD8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9763263e-a8ca-4c02-87f3-8fb2af258d65&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9763263e-a8ca-4c02-87f3-8fb2af258d65&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 09:39:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9763263e-a8ca-4c02-87f3-8fb2af258d65&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 28 Nov 2023 09:39:44 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame ED78 		47 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76504216&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 09:39:43 GMT
content-length
47
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=1776707198809051&bg=!RkWlRQrNAAZxrfrxUa07ADQBe5WfOHfFAYB8p6C-BhLSymzPYgjbtI6hMKa6p0bl30FmVplbj1SY35ifmuXI0GaZC2YsAgAAAD5SAAAAAWgBBwoAMWmDhXHWKpK83VmMM0pM5YGo8tFBmHRlJCe4GDWV6le8Lu98KVcIw8f8w6Y7oSGzvNaZArvKko7KyFEYOCo85s6Quw47cp3-QTS9lqquDPjAnc9GwpcL2OELsWQ9IxYOsEnm7oZIJxEpiuYH9aWZPYtAgiVktJ_3m5pQezf9QrQitNMJUz_VJ-JBIXvIrLEqZwkauITnGBczN6Kx_Ab--q64CUV3YrG9fMaKUy4qlGCd-cgdRn0C_mzwkvVOTVTW1OQ5HdCS8Q1xZAqWnEKVSoV5rfRBMw_sZYv7kcbYFwk1aytz0xsX8daukYso9JvVs8POkDRWd02iXllGiOoFsvACKcAKw8zvpCp_jnAMnbDl6zqscWCUxkyEU9vOYQuwXUYpSAxIQM_8IgbRGNLeFVz4KvGHMuU2UXK8d6B0VDBl5CRPELzU_rkVTfNEJXwWFQHUVI8Gz0GgbRYAKbUE4MllrGi6O4A_aRkLDK03zsimZrN3WqMHkCnGr_cZVeRdqB7oPas5TcdHm-RPUHy5aft_HPzyN5nKfxcZB1P1hkjAETC6xhuipyzwy6X4Us46ICDqUAayE1KHmr92ZMFYAubGul1LRiu79qCR3WBmNKspz_Lt-C2Rhm9iZMJLpSSVEdPrNLoM4PkvlvU0OJzMdtA4GAZFcv1Ez8hu9Iu4BWhL-MugIRstvWWZwicwmEEz5jWdEvSJuXfRyAPNPHaopT7V1gDhaLg1zsTM9hHkqIl3TU2XaYPTKcqQ2fwC1braFT9QlacHeU5qDqiA1KbLV6KRdGwnTltySqR238DupZGCC_lLEzv2TRFjScECpzf3aj1cHwzeVxhNQ-BGJDBzUl_6AYt5c2GNR6Ghfp_9ByESYdbv48AO-c8NkqcUZo3Zc2eUdDCYqq7rulG_qE0Huv4QmJ_Nemnv25AUeLoZ2pZzLNvfgBEedpxyXdG5ojd1-964GlMSi9c7u8Yoh8wBcfUY5_zsROyzAJHgo-c7rS0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E675 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu602Xl6zAOSejd-4Zx8Kj9dmruvF6xx5tIRTZuCECwoS3kb1QW1AWrJ8T--tLqWhJtOtXa_qEzvVxXQYUCUecmUN4vCb3duXcjwG2UyZi-vYlnh8N26Z1uEdVhKUZFR-k491fsOBRhAw&sig=Cg0ArKJSzKj73gePmv5DEAE&id=lidar2&mcvt=1000&p=950,1033,1200,1333&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701164383251&rpt=1000&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&piv=100&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&p=7ivIQ9zSadzMGKQinxK9H-hcIyg10DWo9oKI-KxfAXcNUA&cts=1701164381928&cs=-122406628096078709705&1701164381927&slot=native&fv=1291&plft=apa,apnf&referer=https%3A%2F%2Fwww.sanook.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
/
track.adform.net/Serving/Event/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=69875459&event=178&time=2&baid=61473002&name=Viewable%20impressions&imprid=3887631773675998107&icid=3272303205484064919&eData=-7pdXZsD8aZ0hOrh_KoCqv2fFJfQXw3RFVTtKkqvlBkJDwKV3Zer3KhxuwbMr0MD7vna1xRzLkl4UqEv4ZKcv2QBbo50IEXs0&rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0&rtbwp=1.3502689900377405&rnd=91625318
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3272303205484064919@@69875459,3887631773675998107,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|aLI9biBkedm48M5tcwHHbXRndPRJ74jR6BmxXgmWLMF6nuSLsjr6VRhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&piv=100&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&p=DooxxexqRRfOODTZ4a-9CsA2imKNUG-WM_NS6hmL_HTxvw&cts=1701164381928&cs=-7908730442700287405&1701164381927&slot=native&fv=1291&plft=apa,apnf&referer=https%3A%2F%2Fwww.sanook.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
/
track.adform.net/Serving/Event/ Frame 3CC6 		35 B
580 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=69875459&event=201&time=3&baid=61473002&asid=9153529&name=1%20Product%20view&imprid=3887631773675998107&icid=3272303205484064919&eData=-7pdXZsD8aZ0hOrh_KoCqv2fFJfQXw3RFVTtKkqvlBkJDwKV3Zer3KhxuwbMr0MD7vna1xRzLkl4UqEv4ZKcv2QBbo50IEXs0&rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0&rtbwp=1.3502689900377405&rnd=406346746
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 3CC6 		35 B
580 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=69875459&event=2&time=3&baid=61473002&asid=9153529&name=Second%20Frame%20view%20(300x250%20only)&imprid=3887631773675998107&icid=3272303205484064919&eData=-7pdXZsD8aZ0hOrh_KoCqv2fFJfQXw3RFVTtKkqvlBkJDwKV3Zer3KhxuwbMr0MD7vna1xRzLkl4UqEv4ZKcv2QBbo50IEXs0&rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0&rtbwp=1.3502689900377405&rnd=304048680
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame DAD8 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:39:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&piv=100&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&p=LeDoiqVaaVZRW2MXsRLDnANyQXvXBvpgT3W3B913jtRAQA&cts=1701164381928&cs=278020476071172892605&1701164381927&slot=native&fv=1291&plft=apa,apnf&referer=https%3A%2F%2Fwww.sanook.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&piv=100&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&p=v6kYNK4juesLKzlZZuYyYW_52ODnsJeFzpPLOjdZEImvQw&cts=1701164381928&cs=759878902248515219505&1701164381927&slot=native&fv=1291&plft=apa,apnf&referer=https%3A%2F%2Fwww.sanook.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 8AC9 		23 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&pid=177687&vid=6b4c9fc0-2013-4aee-8331-5036f857e766&pfid=42&piv=100&env=js-web&ut=1&auctid=4149e1c1-7630-4bd7-8420-18c3af2a1f9c_630cb0c6-c8be-4c83-9c0d-2a1db55aaaa3&sid=421436&scid=7024&pscid=15682&psid=93252&hb_provider=prebid&hb_ad_unit_code=rgpt-reca-4&p=OJJq_Q3AUu7UU6-cgYD76LtfvLbvsZW2S--Yt_8SvPIl3Q&cts=1701164381928&cs=286446313913101217305&1701164381927&slot=native&fv=1291&plft=apa,apnf&referer=https%3A%2F%2Fwww.sanook.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 28 Nov 2023 09:39:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
/
track.adform.net/Serving/Event/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=69875459&event=202&time=5&baid=61473002&asid=9153529&name=2%20Product%20view&imprid=3887631773675998107&icid=3272303205484064919&eData=-7pdXZsD8aZ0hOrh_KoCqv2fFJfQXw3RFVTtKkqvlBkJDwKV3Zer3KhxuwbMr0MD7vna1xRzLkl4UqEv4ZKcv2QBbo50IEXs0&rtbdata=Pv4L8eE6RXhzvhz1L3yBVyo1CAlSRgJqnY6ZyIKx01ymh5GeCFLwIniHRsF1CjrxXaJtTX-e0t7sthlzKb7rh9b8noW-WRTdTJSuMu4zYMZoQbqzToE2f-xnFIfkTIG6jcONn6RXKWEY6iboAFGKRONYBwSIZ5zoDyzQYdeTwc9js3LzooiWlugSQI3nKB0fVF31rLo_PT-F_A6Ro3qTJGJ6IzKxSJnYq8Ncz7rFK7B64jGOslNVzzq4C5f7dJp36ee1Nb1Te_klpZe-tyel0_6iXknacKGgJ0DQRIl3PLqfbVy9ydwl8n7W0iKof5YQp1Qvwfv4hFSS9WOdxOUvs9FG_UVGM3ZI0E6RoJBYKk658GSWQFII4nmZS_WfpGZ5mzPXG8UIiufWwgfJiWECarKMkQ97AdTa0&rtbwp=1.3502689900377405&rnd=604449003
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3CC6 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3272303205484064919@@69875459,3887631773675998107,100|4699|0|0|0|0|0|0|0||183|1|||||1|0|0|aLI9biBkedm48M5tcwHHbXRndPRJ74jR6BmxXgmWLMF6nuSLsjr6VRhpnBRkvb3lA7z_uuw_WOM1|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 09:39:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

869 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq function| Hood object| __tblPushGlobals object| _taboola object| _taboola_notifications function| showTBLPushPrompt object| NREUM object| webpackChunk:NRBA-1.246.1.PROD object| newrelic object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_144 object| Criteo object| Criteo_144 object| google_tag_manager object| google_tag_data object| ad boolean| adblockTracker object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL function| onYouTubeIframeAPIReady object| gaGlobal string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| gaplugins object| gaData function| _UA-8147095-6_sendHitTask object| innityDataLayer object| _comscore object| PWT object| googletag object| COMSCORE object| ns_p object| webpackChunk_N_E object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| __consolidated_events_handlers__ object| __BUILD_MANIFEST object| __SSG_MANIFEST string| DataCollectionObject function| datCol boolean| bG5f47736a47e7049801000002 object| _innity_wtl object| _innityoq object| V object| _iampt number| dz object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName string| key object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| msgData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id string| Ct string| At string| cd35 string| cd36 object| Criteo_identitytag_144 object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| pbjs number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult string| timezonename number| newunitcallback number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block number| prebidurlbind object| adUnitsregular object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| geoedgeinterval string| url1 string| country function| adloox_pubint_timeout string| toisiteurl number| windowwidth1 number| geoedgeinterval2 number| localandbeyond number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval2 object| isMobile1 string| osdevice number| randomvaldatatest string| url22 string| urlmob1 number| globalcount number| sanooktest1 number| globalinterval function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit object| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid string| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value undefined| label object| adloox_pubint object| ignore number| current_time number| refreshval number| number5 object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha number| iframe1 string| iframeid number| len string| pos123 number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| size640 number| size480 number| size1150 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp21 number| sizehp22 number| sizehp23 number| sizehp20 number| sizehp7 number| d string| timezone number| current_hour2 object| safeframe number| custome_axt number| nextactive function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| au boolean| 0762abce-a7f2-4059-84ec-fbee7efced33 number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| newflag number| diff number| flagnewone number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergptSkyscraper5 number| activergptSkyscraper5 number| time_refreshunitrgptSkyscraper5 number| nextnumberrgptSkyscraper5 number| passivergptleaderboard6 number| activergptleaderboard6 number| time_refreshunitrgptleaderboard6 number| nextnumberrgptleaderboard6 number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 object| GoogleGcLKhOms object| google_image_requests

191 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDNFg
.sanook.com/ Name: _gcl_au
Value: 1.1.314788658.1701164380
.sanook.com/ Name: _fbp
Value: fb.1.1701164379909.1611680744
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1701164379.1.0.1701164379.60.0.0
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: 3A20A911.1
.sanook.com/ Name: _ctout45879
Value: 1
www.sanook.com/ Name: verify
Value: test
.doubleclick.net/ Name: IDE
Value: AHWqTUlDfuxm4gdS4MuhomtqnNVVurku0--kQ4muUAFe23_yn4ZLLK96EjreRJwS
.sanook.com/ Name: _ga
Value: GA1.2.138966829.1701164380
.sanook.com/ Name: _gid
Value: GA1.2.1310047379.1701164381
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.sanook.com/ Name: _ht_v
Value: 1701164380.2542959424
.sanook.com/ Name: _ht_s
Value: 1701164380.2
.sanook.com/ Name: _ga_17F0RQM2JW
Value: GS1.2.1701164380.1.0.1701164380.60.0.0
.scorecardresearch.com/ Name: UID
Value: 1E5490141049ff7744c06851701164381
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.criteo.com/ Name: uid
Value: c6920cf0-6cdb-4a7f-81d4-ff8475321b7f
.sanook.com/ Name: cto_bundle
Value: QDKwAF9FdlclMkZ0eU01WGw2WkxNa2RXbnBybEpLM2x0N1olMkZYanBEQlVsSkhjRmpNOHU5aVN5cWRNaFRlbzZGJTJCNHJCNjZrdGYzUCUyRiUyRmR1TWpXbnBLWkZLODJ5dTRrb0l3N3hPZEs0dGVUMHF1N3JqVlZlcmxaSTRkNHAlMkJJVXFKUEM0Z1dza0V0WEU5SFhNJTJCRHQ0T0JZUWY2WnFlZyUzRCUzRA
.sanook.com/ Name: _sa
Value: SA1.2.504081704.1701164382
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BC54E062-1912-470B-9D76-E7D9475C5311
.rubiconproject.com/ Name: khaos
Value: LPI5CLTC-P-1QZY
.sanook.com/ Name: lotame_domain_check
Value: sanook.com
.adnxs.com/ Name: uuid2
Value: 2297806412148916301
.weborama.fr/ Name: AFFICHE_W
Value: Kt5Isq2eR0wq98
.bidswitch.net/ Name: tuuid
Value: 779824a1-9984-450a-b204-92613bcdcff3
.bidswitch.net/ Name: c
Value: 1701164381
.bidswitch.net/ Name: tuuid_lu
Value: 1701164381
.adfarm1.adition.com/ Name: UserID1
Value: 7306445381536970894
.adx.opera.com/ Name: UID
Value: OPU628bb0de99634e18b11c999b65ffb898
.adform.net/ Name: C
Value: 1
.innity.com/ Name: iUUID
Value: 4bc4b60b4a1238275f489ebd63ce05a7
.openx.net/ Name: i
Value: 6a2715f6-c118-44f8-a821-08d2d14058d7|1701164381
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: 37c3fe2a-05e5-4d0d-94f1-f694a5d0bf3a
.quantserve.com/ Name: d
Value: EK4BCwHEKvijAA
.quantserve.com/ Name: mc
Value: 6565b55e-003f3-21c2d-b11a6
.audrte.com/ Name: arcki2
Value: 7idhG0ORePWTHWVWQdGynnv0w!20220908!1701164381992!ip#195.206.105.130
.audrte.com/ Name: arcki2_pubmatic
Value: BC54E062-1912-470B-9D76-E7D9475C5311!20220908!1701164381992
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7fc7991411a53506ef1d6353dc1f2c6
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7306445381536970894&KRTB&23369-7306445381536970894
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2297806412148916301&KRTB&23339-2297806412148916301
.adform.net/ Name: uid
Value: 3272303205484064919
.sanook.com/ Name: iUUID
Value: 4bc4b60b4a1238275f489ebd63ce05a7
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1701164382050.1701164382050.1701164382050
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 205122069.225.1701164382050
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.sanook.com/ Name: _cc_id
Value: 7fc7991411a53506ef1d6353dc1f2c6
.sanook.com/ Name: panoramaId
Value: 18f626ba8b21318fbd495131cb5be32246b09459cf263cb4e50e184cc78a29c8
.sanook.com/ Name: panoramaIdType
Value: panoIndiv
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK&KRTB&19420-A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK&KRTB&22979-A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK&KRTB&23462-A_ssf1f7Ly8Y_ip5U_03eAStKC4YrCt7VPj3gfYK
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKNUl2If4oXhdNq6Ws-oEpQ&KRTB&23025-CAESEKNUl2If4oXhdNq6Ws-oEpQ&KRTB&23386-CAESEKNUl2If4oXhdNq6Ws-oEpQ
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU628bb0de99634e18b11c999b65ffb898&KRTB&23485-OPU628bb0de99634e18b11c999b65ffb898&KRTB&23524-OPU628bb0de99634e18b11c999b65ffb898
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7466765702092464794&KRTB&23263-7466765702092464794&KRTB&23481-7466765702092464794
.sitescout.com/ Name: ssi
Value: fb7d78b1-e5c2-4231-bb5e-8050a5da0916#1701164382048
.bidr.io/ Name: bito
Value: AADthE7Ky2sAABcPtbwCug
.bidr.io/ Name: bitoIsSecure
Value: ok
.yahoo.com/ Name: A3
Value: d=AQABBF61ZWUCEPHnyhM_1f22F3FBv9_Q06sFEgEBAQEGZ2VvZQAAAAAA_eMAAA&S=AQAAAodF_Xx1LZ8lg0__gogK84E
.sportradarserving.com/ Name: zuuid
Value: 34e8b9fc-fa7d-4ee9-bf13-c922729d09c1
.sportradarserving.com/ Name: c
Value: 1701164382
.sportradarserving.com/ Name: zuuid_lu
Value: 1701164382
.sanook.com/ Name: __gads
Value: ID=779d8a5abf6be51a:T=1701164381:RT=1701164381:S=ALNI_MbHFx0T2rPGLn9O5JimYHxRpXxznQ
.sanook.com/ Name: __gpi
Value: UID=00000ce8367e14ec:T=1701164381:RT=1701164381:S=ALNI_MZokbY7vWMwtEbNv9-GIHt362L62w
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1701164382
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMTE2NDM4MjEwOH0
.audrte.com/ Name: arcki2_ddp2
Value: 7idhG0ORePWTHWVWQdGynnv0w!20220908!1701164382113
.casalemedia.com/ Name: CMID
Value: ZWW1XqgCJJeb8b4xiLm.EQAA
.casalemedia.com/ Name: CMPS
Value: 3322
.casalemedia.com/ Name: CMPRO
Value: 3322
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348&KRTB&23418-fb7d78b1-e5c2-4231-bb5e-8050a5da0916-6565b55e-4348
.simpli.fi/ Name: suid
Value: 1DA1F0AFECA740B28A374C19B15380E1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-779824a1-9984-450a-b204-92613bcdcff3
.turn.com/ Name: uid
Value: 8081171439538271367
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1DA1F0AFECA740B28A374C19B15380E1&KRTB&23486-uid:1DA1F0AFECA740B28A374C19B15380E1&KRTB&23489-uid:1DA1F0AFECA740B28A374C19B15380E1&KRTB&23539-uid:1DA1F0AFECA740B28A374C19B15380E1
.openx.net/ Name: pd
Value: v2|1701164381.1|iyvQgevNgun0.gqwksLmOwL
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8081171439538271367&KRTB&23150-8081171439538271367&KRTB&23527-8081171439538271367
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2_adform
Value: 3272303205484064919!20220908!1701164382222
.amazon-adsystem.com/ Name: ad-id
Value: Azr4xnKOjExdqtiyB4XQi-k
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIxg03NYY1OQMM5HySAAAAAAA&KRTB&22713-AAAIxg03NYY1OQMM5HySAAAAAAA&KRTB&22715-AAAIxg03NYY1OQMM5HySAAAAAAA&KRTB&23519-AAAIxg03NYY1OQMM5HySAAAAAAA
.dotomi.com/ Name: DotomiTest
Value: 3553230e669a16b7
.contextweb.com/ Name: V
Value: lD9gQBFRIeeX
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o8s|7dN.0.AADthE7Ky2sAABcPtbwCug
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5882c8da3f18286e
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
.rqtrk.eu/ Name: browser_id
Value: 1:f9372079-eb78-4511-b232-64d1c94962ae
.creativecdn.com/ Name: u
Value: JKm7qQItVc02rEFanipZ
.creativecdn.com/ Name: g
Value: JKm7qQItVc02rEFanipZ_1701164382322
.creativecdn.com/ Name: ts
Value: 1701164382
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23334-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23417-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23426-knAKLyoyX0tzy3brmzysSMPOaYI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCDe6parBjABOgTwi70wQgT17Cf7.UDUbj0ti%2BjEiusmTRBc147eFe1dSccOyspfE%2BZFayGs
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCDe6parBjABOgTwi70wQgT17Cf7.UDUbj0ti%2BjEiusmTRBc147eFe1dSccOyspfE%2BZFayGs
.smartadserver.com/ Name: pid
Value: 8836778444770321177
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADthE7Ky2sAABcPtbwCug
avd.innity.com/ Name: geo
Value: EU%3BSwitzerland%3BCH%3B%3B%3B
.liadm.com/ Name: lidid
Value: c7382279-c93b-475b-b09b-3965236bdf39
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQSTVDTFRDLVAtMVFaWSIsImV4cGlyZXMiOiIyMDI0LTAyLTI2VDA5OjM5OjQzWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTI4VDA5OjM5OjQzWiJ9
.linkedin.com/ Name: bcookie
Value: "v=2&c4989d0c-538c-4595-82e7-4c19d674a6b4"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDExNjQzODM7MjswMjFubQiSfDXdx42zkFHL0Z/lw8akZruhA6xPvaSaQFzRzg==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2779:u=1:x=1:i=1701164383:t=1701250783:v=2:sig=AQHZ2h55M8SUp_nGFSDw_4rGwAxgizsh"
.primis.tech/ Name: csuuid
Value: 6565b55f76c15
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-h-YwJRzRZeG-5trsCc-TqzTi7iUIuCphxv9TFg&KRTB&23144-uid:k-h-YwJRzRZeG-5trsCc-TqzTi7iUIuCphxv9TFg&KRTB&23286-uid:k-h-YwJRzRZeG-5trsCc-TqzTi7iUIuCphxv9TFg&KRTB&23287-uid:k-h-YwJRzRZeG-5trsCc-TqzTi7iUIuCphxv9TFg
.smartadserver.com/ Name: csync
Value: 79:k-dUvyZxzRZeG-5trsCc-TqzTi7iWnjjPDSCAe5A|127:AADthE7Ky2sAABcPtbwCug
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.rezync.com/ Name: zync-uuid
Value: 51cd3fc4-832c-4d9d-b60e-9e46e32d4b07:1701164383.462388
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%220f5d85e0-8dd2-11ee-ad27-99d00f403f64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%220f5d85e0-8dd2-11ee-ad27-99d00f403f64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%220f5d85e0-8dd2-11ee-ad27-99d00f403f64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%220f5d85e0-8dd2-11ee-ad27-99d00f403f64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-iWB5MhzRZeG-5trsCc-TqzTi7iXQeUBfpR9Wcw%22%2C%22version%22%3A%22criteo%22%7D
.connatix.com/ Name: cnx_userId
Value: f3bfde6124a74544977821878eb41a2b
.adnxs.com/ Name: anj
Value: dTM7k!M4.gF7/.XF']wIg2GVVqMu$=!]tbPl@/D!9hy6]/Cv^%/!A/LY.1UDjUuj9Yt?u.A_@1a1S@N-4].Sx2a!=)k@wO+BnBYcFwkt7*bpRz*r<Hnj>k3^uoI6.=vCb!W=7uY'3RDPD:qGt1Qw2>EP%]H
www.sanook.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2fax:18zh~2fax:19e0~2fax"
.360yield.com/ Name: tuuid
Value: 578ff0e5-f0ce-4e03-91ed-08adc1188a41
.360yield.com/ Name: tuuid_lu
Value: 1701164383
.omnitagjs.com/ Name: ayl_visitor
Value: 46de88c59d97756e357cae7f6b3a3c52
.demdex.net/ Name: demdex
Value: 05456387650785968242094162066059459180
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQwMrA0NjczNxHiM9RNSokIqYpPS86pzCsAAA6PwTElAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQwMrA0NjczNxHiM9RNSokIqYpPS86pzCsAAA6PwTElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4AB3EmI5gaQQK3f3u-KxapyiJLyEPVtW6Ja5GRveXDpeG2oWROJmODJ_sYP_pjkAAAA
a.twiago.com/ Name: deuxesse_uxid
Value: aad81eb3e21b8b8fdb4f3c8cd79d1c3f18bca3b6a2bd5b53cbdfbad89cc6da70
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
.yieldmo.com/ Name: yieldmo_id
Value: 3FAJcNUEEkUMZL21uztp%7C1701129600000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-_yai0RzRZeG-5trsCc-TqzTi7iVHVv-Uwx25XA
.360yield.com/ Name: um
Value: !38,QjmXXukMdsUpTWn-N0IVYLQ1QdIVjDI85QJAOuLA2Ye6uZG0EC0CbAJIeFi-snGWwT.C7r3O,1708940383
.360yield.com/ Name: umeh
Value: !38,0,1763372383,-1
.dpm.demdex.net/ Name: dpm
Value: 05456387650785968242094162066059459180
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-28T09%3A39%3A43%22%7D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQN09LNre0NDQxNEw0NTY1MEtNM0wxMzY1Tkk2TDNKNmMAgtTUrfEgGgoAOqUKLA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBITd0aD6SgAAAXSgHf"
.sanook.com/ Name: panoramaId_expiry
Value: 1701769183798
.ipredictive.com/ Name: cu
Value: 4bc3d8cd-fb8e-4def-ad19-4199cb1c55c3|1701164383795
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ej2rtyoAtno81qbBgMWySGKnddJL2ro259/RyPa/PsGdWzN0ILpS0C9QhppHTdMOiBc48YnZs8G7uBxGCOXoSK1YWXbfZ9KG2U81De9lxpTwEoh1chh9FND
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
live.rezync.com/ Name: sd-session-id
Value: .eJwdyksOgjAQANC7zJqSaWeYfi5DpB2SRqmG4kbC3TUuX_JOmF-6b7em7YB07G8dID_qTx3SCb1-Nr1DgslilDAJWXQYyYtnuAbo2nt9trmW_8mF1swmkMuGSyxmEVQTlUXJFV7QJ-vRWmEKNLI4CgGuL5WzJZg.ZWW1Xw.W8-saPZ-T4OA7p3xd810Qw_vFU4
.tremorhub.com/ Name: tvid
Value: 566078c602bf422cb993321889733e3f
.tremorhub.com/ Name: tv_UICR
Value: k-IRKkuBzRZeG-5trsCc-TqzTi7iUy14QOBIsZFA
.rlcdn.com/ Name: pxrc
Value: CN/qlqsGEgUI6AcQABIGCLrqARAA
.krxd.net/ Name: _kuid_
Value: P8VBZ1ow
.agkn.com/ Name: ab
Value: 0001%3ApbMS1VTbBDQMSyGn54XHzVb9YdTbqjEr
.rlcdn.com/ Name: rlas3
Value: 4A3UVMhFE5wN8lzxpk82pUdrjMaI6qWf/r5feDF4k0M=
.postrelease.com/ Name: visitor
Value: 70ad8e2c-4496-447b-a682-93e296c136d0
.postrelease.com/ Name: status
Value: 0
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-F-OCnKRg2cvPYlr9UTeorSkHViBO2lDU64fNuNkwOn_bYu3CDbajg8JEJwN03qxq9IMFaqptUuUMSrmePBofBRZHkV5rNtEefZeqmQ7pzbiyMfGjbKDC2YOQFakwSUNddUCn4-FtjzxC6-VNYBzNBn1j6Vw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.adform.net/ Name: TPC
Value: 1701164384142
.bluekai.com/ Name: bku
Value: m3X99sYNjVVmLzya
.bluekai.com/ Name: bkpa
Value: KJy9R9Y4d02pSUHknpx6meDTwtkAwEjiBs18jZ1ynE/y1E1+Bsakju6T1p1hnEDy1pjZmeDljEztBk2k5P2MSYjLSVNo5e6hJZ5AzcJ4Rt2rztPr5e6ZUlx21Ezy1EWtBe1T1pQyB9191pzqoQ==
.sanook.com/ Name: ret_criteo
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1702339200%3A226_219_197_241_235_201_245_227
.pubmatic.com/ Name: SyncRTB3
Value: 1703721600%3A203%7C1701734400%3A2_223_15%7C1702339200%3A234_81_249_264_196_46_176_13_54_165_88_166_251_55_254_243_71_22_56_7_214_99_220_161_8_21_3_233_238%7C1701993600%3A63%7C1706313600%3A69%7C1702425600%3A35
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMsQ2AMAwFUTEAVeYwiv0dxzBO4jAQJSUjMCEdiPKKd_c0c83MpnCtXo5khXtg70oO6aSxBjXLg9ahNiChLdftRVjUBO5n-kYw5-vf8gBDWUCqaQAAAA
.ctnsnet.com/ Name: cid_189746183db044e99a86db962e3a5e4a
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5109685631020937674
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 155976:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1701185984876
.onaudience.com/ Name: done_redirects147
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 7e1e711d-a7d2-42e6-abe2-e68cb3c2e9b6
.zeotap.com/ Name: zc
Value: b22b7d74-1787-4651-7ea3-949584a420b2
.adsby.bidtheatre.com/ Name: __kuid
Value: 9763263e-a8ca-4c02-87f3-8fb2af258d65.470378384
.de17a.com/ Name: guid
Value: 1.7517368090351806467
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWW1YAAC8pVjGgBd
.onaudience.com/ Name: cookie
Value: 5ed92b046b2ccc35
.onaudience.com/ Name: done_redirects104
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7517368090351806467
.semasio.net/ Name: SEUNCY
Value: AF6F64DAA0F754DB
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-uroLIz3lVnQRXhaWUhXjjjYV
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003&KRTB&17107-RX-b20348d1-6926-4cc4-8f4a-b98f1a61cfb9-003
.tribalfusion.com/ Name: ANON_ID
Value: aantXLx2eNlSE0U7atv6XliOt5fhMhg7rdbeLc2kLZcDi9CgsOZambXgEUSmYZcreZawkFLT6aMXADoqnvM3h3QWj83wjlGl
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: PugT
Value: 1701164385
.pubmatic.com/ Name: SPugT
Value: 1701164385

5 Console Messages

Source Level URL
Text
network error URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript error URL: https://www.sanook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/474599.gif?partner_uid=6b4c9fc0-2013-4aee-8331-5036f857e766_ch&cv=&_t=1701164383804
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5c13bb0522ad66a75e65a3b5a75e9ebf.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.twiago.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
api.rlcdn.com
apps.sanook.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
beacon.taboola.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
cfee7bc0ed0daa27b97780af8372a340.safeframe.googlesyndication.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
graph.sanook.com
green.erne.co
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
ipac.ctnsnet.com
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.openx.net
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.amazon-adsystem.com
s.isanook.com
s.thebrighttag.com
s.tribalfusion.com
s1.adform.net
sal.isanook.com
sb.scorecardresearch.com
sdk.ocmhood.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.ocmhood.com
t.pubmatic.com
t.teads.tv
t2.teads.tv
tags.bluekai.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ut.pubmatic.com
visitor.omnitagjs.com
webboard.news.sanook.com
widget.nl3.eu.criteo.com
wrappers.geoedge.be
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
p3.isanook.com
104.18.36.155
104.18.38.76
108.138.1.25
119.81.216.16
13.248.245.213
13.32.27.99
141.226.228.48
141.94.171.213
141.94.171.214
141.94.240.143
141.95.32.69
141.95.98.64
142.250.186.34
145.40.97.66
15.197.193.217
151.101.193.44
151.101.195.52
151.101.2.137
151.101.66.49
162.19.138.117
162.247.241.14
162.55.120.196
172.217.18.2
172.64.146.152
172.64.151.101
173.231.180.197
178.250.1.6
178.250.1.9
18.184.49.101
18.192.146.238
18.195.142.87
18.198.126.47
18.202.86.19
18.66.147.84
184.30.211.26
185.184.8.90
185.29.134.248
185.64.189.112
185.64.189.226
185.64.190.82
185.64.191.210
185.86.139.104
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.16.97.41
2.18.161.51
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
203.151.128.150
203.151.128.172
203.151.130.71
203.151.130.72
203.151.133.19
203.154.58.214
208.93.169.131
209.54.182.161
213.155.156.164
23.212.201.53
23.32.184.180
23.32.184.192
23.32.185.192
23.48.23.67
2600:1f18:612b:4232:d5ff:1540:2e33:3aaf
2600:9000:2240:f400:2:d490:4d80:93a1
2600:9000:2250:6a00:a:e047:753:a221
2600:9000:2251:aa00:1a:5235:f980:93a1
2602:803:c003:200::51
2606:4700:10::6816:1957
2606:4700:10::6816:3456
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:6e4
2606:4700::6810:5914
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9c
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1370
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
2a06:98c1:3120::3
2a06:98c1:3121::3
3.131.216.228
3.75.62.37
34.102.146.192
34.107.231.31
34.111.129.221
34.117.157.22
34.120.107.143
34.150.170.96
34.246.239.231
34.246.253.18
34.98.64.218
35.186.193.173
35.186.253.211
35.214.167.128
35.244.159.8
35.244.174.68
37.157.2.229
37.157.2.230
37.157.5.71
37.252.171.21
43.152.26.104
43.152.26.197
43.152.26.58
44.215.169.187
44.242.29.250
46.228.174.117
52.19.222.237
52.19.8.73
52.210.176.42
52.28.202.91
52.3.98.252
52.49.140.195
52.50.121.249
52.51.80.54
52.59.133.66
52.95.126.138
54.198.28.7
54.229.22.54
54.78.136.71
61.91.94.165
64.202.112.31
64.202.112.63
64.227.64.62
65.9.66.97
69.173.144.139
69.173.144.165
69.192.160.219
77.243.51.122
77.245.57.78
82.145.213.8
85.114.159.118
85.215.5.31
95.101.149.233
95.101.149.35
98.98.134.241
99.86.4.128
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0031bfa16aed3b634e7497fe63cd4b52fc3da7d39d671505535ce5bea6d1d35c
00c463d340aefeef0168f4e282d2e294ed65e607fae4644628192c96adef7bfb
00d8c42cbca8a249b0ffcbf3ec62a66eb533ec4b952c2fd09b8051353b0eed42
054cfdde8ca8063d808ef8b286bf4ab12d26fbba95eb8192fabe4eddac9a4b12
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0832d3e0e2966c6aaf17eaddddf183c6b777673b7bc8e261de36b03c1fcbcaa4
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d0eaf68b2500767e75eb4d517510feb66e948f8b5c1f0da09e869a387b3ea4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf004117ade7226726d2823803695d466d5786317b01927153b26b2a35cfb1f
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d57af87c6a1f5e7e9f8eb0ef48aea7ec10d5addb811dfb15fb3f9bbeea3bdd6
0d7a771ff2400141dadc3aa20a3685677d41761b15fed5921b771ce8653237cd
0dda36c3e57d741bcabdff928bd4ab654ae6d37514de5ec880db2fc37440ae0b
0ea874d0e7a2d6f5e5d49ced3c8f7f1039ceb362f504c2c0868fa2b2f336e764
0f6ea1b447e88e46b21370c89f65d8cf8ae8fb5904638468e57f006df30d4340
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427
11a5d5961bf0105ac17236d2003c7d57fea97879f89d4d621ee1bf193a5938ab
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
173d4dbc8dfc752205eeba25c72f4d262b61c89e3b1dbce5a8054da4bb0972ef
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
25c5d729343b9eb27f8f5cfa2a501afc380d30e871acf94cb1d32599dcf90079
27466c07ad57e286770fd8ad900aac51df818685f0e134ab890d8692c7174a08
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19
28d3f29efc6a614d78b1cae2d456ff25833926ee5bcadaeefabd0eeebafa161f
28dd6b8b629e24a8d0dd63255b810e2ca34d538fc6156d76d148641cd5241305
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c52269df31048138642b05b8ea72ceeeab9d5b3e464c26f7168681d0c726d41
2ca9e311e9f3f2ba5a4c4cffebe62c9292f27887d3d48ea4e0d2a7d443741805
2cc75f01d2068dd0c212759aab59ca81c9ac1b42c5ae136c076586f6f588661d
2d2c3c795baa2b2f2643a148cb175863c0d5e653ca60a26558fe0b91f65c8002
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e55e38aa861959f897fed3d681696c8195fd7d305b25ff5599bf02add3c5138
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3020a98ef97d1ab430639a94d3d223a75b8c6111fe15dcf181cb25bd013cddd9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd
33bfb61e21bd18cc249fb62d88366826f63572edcbcb129b0c794856fa91ae91
34cf48283943ede04c2b5a4c8d17552473d96ac602c6d0427ea10c65feab80f7
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
35962b82d6aa1c34a608c2d94a6d200a39b2b30d943cd64fd538ccf5ee81738a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
375e8cb13ece612a31299d7712eca87078cf7036dfe9dee523c3e23d00c5c9bc
389aa1b469496e9ef1237d7b1c132191f148e5137c538d9b5e1857c9581a2c9e
3936054dfba8afc25f50966384b7652eebb1a7e99af1d2b0b05d66c448b937a6
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3b07ef4d47c67d270480af1e1921eff931eaa0621ebaa9b3a0a84dc15c71b573
3c968e05e8c4f75bd654106b4bdff27a3b7002a29cbb8e089b1b0095673d845c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3de83e7da727f5712316e277c631c883ef938a74f0fc95222cc2c3687372390a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e493da1be1cceefedfccc43c12499f50ffe5ddf4bc76eeac417d97ae29283d5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
455059cfa6b8b8c8fd464634346d5425d31704ead8bc2edd781d409b7fe170a9
45a96d79c3d1efb7e227b4a23d40a3184e69296a4aa1563de5b5ec9179a3d6ef
45dd7d39e45fee921d1d0cb1a7852bebac8cb5145e1222452209e53acce24e5a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d0a73a1843aa2d81341b6e1e10fdc78b84f4a8438e0a71cfde6c532f7f4a73
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a0c2ffffe6c7e81093ae17f4ea99193ba5a3688755b309062e72f55f1c0324
4ab6c17b95e47fc6688982ee28ad157ba27f0e3ef1a463b2715792c34f0384ab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d9bf7f335bd5a18e01b4cecb6bbf2c670bb66bc1b492b063454417572c721b7
4db2fe4ebe41cbbd107bc897b134518a86685b706c1460b357bc87bbc163c07f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f69d406e755952c460d327c29dd0230c3b8d18657f4592bf80ebe7a2339b15e
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e
52b6f660e855b3d009814c6fa3ea5dcf9f868e3b19503450169d0d7f15d4a62e
53495588f47cea67569704214876b368a3577088677cd91617007616fac9cccd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
572f6195620e2b183fd22a1c2a5e5ed7efb23d7396a7edf432233ef6759973a6
598732a6af28f89288b8ec8b36472cc19265e29e78cea0b4510beba858cbb78a
5a4cbf75c1bc308acd420193ea593086f0e2d182d35541e8eecd41947ddcdf7a
5b081291930d26712fc6d2fa06c9c66e13086d8734fb3c6c868f058737a47043
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5b936c3a9493926be31cf3379e6b47212304d97b744c142522f57e13f038f72f
5bfbf8bfd2201da363311048624e8cdcbbde2e86a28fb612949eb0d926cc0bf8
5dd2c0559830c762c2a546e7f40de7b5137333c07eaa228ef62298e923e7ce1d
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
608878392b505e6f542c9fde623ff22542e7d90f029c42c6ab35b3f1556a9f4a
60a490b681a6aa01e5ed98e44da3b896ba3c217e75aa1524f15c0888bdc76c07
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
65e08beb42a478adfc09e060a428ebe8d50160a8a8cc48edd5ee1cd2d3ab298c
67f04d7efcddbcbbcce55ab30e16e171e26a01ae546b19820a869dffa0995547
691d114327be68dbc2bdb308e1e90c090f997ab883293781706f47dcfbfbe85e
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
6b3bb303c42b32572c7c0487998fbda6086886f7fd8b8361dc83943a5696555d
6b701945f719940518b28b5d00f105ef61e13f408f354b64728fc98639e59837
6e7c72506bd86b67b9ee08149c65bb5b97a7e6f1dc44c2bf66b8bebfdfa97203
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fb9c05970becece107c23e11d3b7c396fd8386e0b599dcac43f0ab3312057cb
6fd68addfad323c636fb7b5883cd465654f05ff993cb8c753ce56499a83e4889
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72971a1ebf5dda7f5448b5047eba8b6a1af946ce1a70872b8d1b981092a18639
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
775b424b1c2850c7b3654376bf95f1fe12305368aac913804d87c24648427978
779227a82c0f4205323dab8bd4c4767bb90a7283aedccd59620b169f41e1897f
782a2b9f3d56c694ea581f46f075d8fdb343f61359ff43bf62e53acbaa9fd272
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a
7cfac12b75caab0ddda5b1fbe3bb0ab800dae343d90a213630952439c6838268
804cd20ce0af8849bc9045ee74552987bb854dc3b51a38ab7cad6c4825495771
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845cdf71d942ab02d1889c6aff6a2bbaa384c70f097272900bb9e5e4c8bb5b10
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36
84efd7618de2b2b5aef333f8ba2496ff5de378ad842bde3f7dcca2f67851b954
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
86130af3b528206d73fe22fd80a119507fe1c1f6b0cc6946a0ce8ebb1821103d
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
88f091504d46062b949e52027d3d3b7981aef1913b888f763b5ef35c376e2122
88f926a23425cba8a243ae6da41cd2bdc89896f2aa31ca1ec776d8b9f092a022
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bb00acf4880efb28eed53e6dabac625b96144d619d0ed4da1ff7859148f046b
8bd499bd31d582e2ddda2765b57a058c9dcea3968c55ec7dc0323b82b8c66c01
8ce5a2fdcc89e93de8aeb664679ef8bfadf7cb018bd66b710080c0f9c1b34f4d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d81cce3b76dfc9c7fadc623d12df283d45280970ff724c788e4546a6d90fcd0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7531845e993881dbcfe417866a4ff602262056b57fdbe8b5486b7f9ccc9324
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
93eb2558997c67e86a9031b77b19cf035a5c3c96c00c8e96d76a5c772d73b4eb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9940aa698f6c244e473e4c08da70cbf1f19ae9c39accc13df0f787223d84b39d
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9dddb84e93b5642ca2ca712395d322f1d7b78fd93765e9004893c53d482ce3
9b6db9fa9496af49f62411e9f34276419859821a07655f975f8e513f0020379e
9ca7727fb1c6976ff4781468794f60a563b77b33c0a0e4d53b18a1f9a43cb3aa
9cabeb253e4ea8def793cb32a890c1dbf05f0413a8723a7d73c5694049b01b0c
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9e0d50d8868d75a85044f1fde5213c2a4ee8c5f7680374b05192fcc213304a7e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a21ce6cb6df889bfcc5b718c5be12035124e27cd082db3fac9e9b645cf01a1b9
a3d105f07541a26fed0c6a15dbc92dc88fc23d519022cdbad1e1c9c4b97bad82
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac6c4db996a8703c6d438f4bedb86c96ea166bd9534042d4d350ef279c392833
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af7c4f54c65129fc0ea52b1e7ae26f047ba21953adaf59b3fcb1962fc3f810f1
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60f715cde193239756e037cbecc99fa97ca2d8928e259336177c7ce204cb333
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e
bd627fa4597316586513b71c7a8c3444916e144d103061305003cfed99d0ccad
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
bea009c9830ecb3678ffe9bca52c39add63548c44abda970ed22cf783e772dbb
bf00f4b3f23914a25418443d07ab92a8b4f5371f9c11aee9968c6808259659fc
bf44cea4d8eafe4c35f8f0bb607771c1daa15484b900b00fa31a89695bcc8730
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c4de63384da5e10bec84c04e5e55e923ed23830e6c5d76289a7479c76d81caf8
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
cf5b33ab5d489294cb53df9ce403bdec785f6e714733f263c2a637130a4a5715
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d118c058946ea83791fc6880ec2fbd8b3a5f044b59116b2421ce44a61f1c448d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2c9a870b31446dc6a8a7589f13727c6da36d0af861fbbb537b121e8d6f836e6
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d464db80aa9b93727bd559950ad128858761a829a1f7c35a996093096ce611e0
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d96713d629d34f96fc5648ff5d616564a075f84af24f3fa21aec0b7ebede6899
d988006fdf7126543981eeb3b29708cf01fe346a0ed53acccd145089e0ea71c7
d9abd525917e48d54f716492e335bf71102457245e12ebf50ee88b71d8c9b58b
da9dd4e2d9eda2ce4af40e47828d08ab38165d669469dc422b86a47ed4dcfafa
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224
dafeba77f9e1cb5475d5783eab65b1b22875210a7a3407e428588be09bfa4f6f
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3
dbf50ccfd2d8330dc37e49ceac844ef2a01d7fc1f5d0b9f6753dbe7a54bd4c41
dc691e98d42de3d1cd32438bdc3c4a0e5458876642c64466902a3218bafc4673
dcc661c6f79dcda30744c6d7190d20ba09d50080d8fab85536f65492bc119d13
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de75f444078a5fd5e4d8ea3ee8ed9d888bf10ed5fc3b0fbe432ee66ef584b0cf
e0481313c647cbd585c8c414faf161ae3a39d9ae44d064d0eb043bc0538daa29
e161aaa7e830debe303b2082ee4db2b3caaf552c17f5d324dc581f512221fda4
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41f23564b873959d15cb6e1a3b1bd018944ce85bdffbad3174263a83f296523
e5ae5bb0c1e14f869098287f210cd8100959cc43be70ef96ccdd77ec6c00bec6
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eab542735687ed0a2e1582c2f1fc4781935589e144f1b37f5d2f4008e3054c92
ebe881215b5bb126dfb53f6e592d965a4e2daff27116b67a566a36d2e3fde9bb
ec3335df87c80ebcf7fffee9ff1f6b0c2faa989b113a646db062ddd9a9e07b81
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef186bab99bb7eff46355b30a4055472c5a74f428785a1833882a15ca4116af6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
efeb6e803225f9b5029f140648d5f24bbe87bc633462d0501a0c1f2b3110bdc4
f142b877300869b45a30cdaecacb048afe2f9395d8fc1b30b62edbf766599262
f39ecc954934add03f0ad833d32bb9d1c1a2180118d11400d4f65dc088e257c6
f4bb6c152c06cdb9be9ea4e80e4862f3feea51ba5d7121de4295320d232d44f1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
fb0ffc718150a248851bb00c3a56553d8a0a083b94f32eaa2a854bcd1004e172
fb77bf58d1d05fe9dc161d7746355df1dbe888253ae685d1bb9b476c945bda72
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fbff698866ede7087892e8cfe85c5bf2ba2f3796d64986c7368f931f5be6d519