urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://webboard.sanook.com/forum/?action=post2;start=0;board=75
Effective URL: https://www.sanook.com/
Submission: On January 31 via manual from TH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 17 countries across 111 domains to perform 513 HTTP transactions. The main IP is 61.91.93.41, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 114870.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 203.151.133.19 4618 (INET-TH-A...)
16 61.91.93.41 7470 (TRUEINTER...)
4 151.101.129.44 54113 (FASTLY)
80 43.152.26.221 139341 (ACE-AS-AP...)
4 2a02:2638:3::3 44788 (ASN-CRITE...)
5 43.152.26.197 139341 (ACE-AS-AP...)
3 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.214 4618 (INET-TH-A...)
3 203.151.133.6 4618 (INET-TH-A...)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.181.226 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 23.215.19.214 16625 (AKAMAI-AS)
1 3 13.32.121.17 16509 (AMAZON-02)
7 2.19.105.180 16625 (AKAMAI-AS)
1 203.151.128.177 4618 (INET-TH-A...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
2 9 2a00:1450:400... 15169 (GOOGLE)
7 185.64.190.82 62713 (AS-PUBMATIC)
6 2a00:1450:400... 15169 (GOOGLE)
3 47.243.203.231 45102 (ALIBABA-C...)
1 61.91.93.45 7470 (TRUEINTER...)
20 2a00:1450:400... 15169 (GOOGLE)
8 2a02:2638:3::7 44788 (ASN-CRITE...)
27 2a00:1450:400... 15169 (GOOGLE)
7 185.64.189.112 62713 (AS-PUBMATIC)
10 2a00:1450:400... 15169 (GOOGLE)
3 2.19.217.101 16625 (AKAMAI-AS)
5 10 185.89.210.180 29990 (ASN-APPNEX)
1 77.245.57.78 36057 (WEBAIR-IN...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 172.64.151.101 13335 (CLOUDFLAR...)
1 7 35.244.159.8 396982 (GOOGLE-CL...)
1 4 198.47.127.19 3257 (GTT-BACKB...)
2 18.239.18.118 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 74.121.140.211 30419 (MEDIAMATH...)
14 185.64.191.210 62713 (AS-PUBMATIC)
3 3 178.250.1.9 44788 (ASN-CRITE...)
2 13 67.220.228.203 16509 (AMAZON-02)
3 3 2620:116:800d... 16509 (AMAZON-02)
9 198.47.127.205 62713 (AS-PUBMATIC)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
6 7 35.214.149.91 15169 (GOOGLE)
2 2 52.28.196.42 16509 (AMAZON-02)
1 1 54.205.56.39 14618 (AMAZON-AES)
7 7 34.247.62.134 16509 (AMAZON-02)
13 24 142.250.184.226 15169 (GOOGLE)
3 6 217.182.178.234 16276 (OVH)
2 5 208.93.169.131 46244 (WEBMD-IDC...)
2 2 213.155.156.169 1299 (TWELVE99 ...)
3 5 63.34.44.38 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.246.105.162 16509 (AMAZON-02)
4 5 37.157.6.243 198622 (ADFORM)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
7 52.223.40.198 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
4 4 3.71.149.231 16509 (AMAZON-02)
3 198.47.127.20 3257 (GTT-BACKB...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 3 98.98.134.243 21859 (ZEN-ECN)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
7 162.19.138.118 16276 (OVH)
1 99.80.224.8 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
1 2.19.104.211 16625 (AKAMAI-AS)
6 2.19.217.60 16625 (AKAMAI-AS)
1 172.64.149.180 13335 (CLOUDFLAR...)
3 43.152.26.104 139341 (ACE-AS-AP...)
6 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.6.136 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
6 8 69.173.144.139 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.39 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.67.52 54113 (FASTLY)
1 18.245.47.29 16509 (AMAZON-02)
8 12 69.173.144.138 26667 (RUBICONPR...)
1 4 52.46.130.91 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2.22.242.107 20940 (AKAMAI-ASN1)
1 1 54.152.54.228 14618 (AMAZON-AES)
2 18.157.105.44 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 145.40.97.66 54825 (PACKET)
1 2600:9000:237... 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.214.157.145 15169 (GOOGLE)
1 2a02:6b8::90 13238 (YANDEX)
1 2607:4f00:944... 55081 (24SHELLS)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 46.137.57.151 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 192.96.203.13 30633 (LEASEWEB-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 162.19.138.116 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:2638:3::6 44788 (ASN-CRITE...)
1 2 81.17.55.171 60781 (LEASEWEB-...)
2 51.75.86.98 16276 (OVH)
1 1 35.214.168.80 15169 (GOOGLE)
1 1 2.18.160.23 16625 (AKAMAI-AS)
3 3 50.31.142.191 23352 (SERVERCEN...)
1 6 79.125.80.207 16509 (AMAZON-02)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.149.40.38 396982 (GOOGLE-CL...)
1 1 80.77.87.161 46636 (NATCOWEB)
5 43.152.44.84 139341 (ACE-AS-AP...)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 82.145.213.8 39832 (NO-OPERA)
1 151.101.130.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 1 35.214.167.88 15169 (GOOGLE)
2 3 151.101.66.49 54113 (FASTLY)
1 195.5.165.20 44968 (IPROM-AS)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 141.94.242.206 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.55.120.196 24940 (HETZNER-AS)
5 6 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.216 16276 (OVH)
6 6 3.127.178.105 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.241.31.249 15169 (GOOGLE)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 142.250.185.130 15169 (GOOGLE)
1 1 2.19.100.239 ()
1 185.83.71.234 ()
1 2.19.216.27 ()
1 2606:4700:20:... ()
1 23.53.232.23 ()
513 128
1    203.151.133.19 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 19.134.151.203.sta.inet.co.th
webboard.sanook.com
16    61.91.93.41 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-41.static.asianet.co.th
www.sanook.com
graph.sanook.com
apiu.sanook.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
beacon.taboola.com
80    43.152.26.221 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
4    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    43.152.26.197 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
p3.isanook.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th
lvs2.truehits.in.th
3    203.151.133.6 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th
sal.isanook.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
t.ocmhood.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
rtbdemand.apiip.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
3    23.215.19.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-19-214.deploy.static.akamaitechnologies.com
avd.innity.net
3    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
7    2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    203.151.128.177 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 177.128.151.203.sta.inet.co.th
sloth-api.sanook.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
9    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
t.pubmatic.com
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    47.243.203.231 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
avd.innity.com
1    61.91.93.45 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th
dc.sanook.com
20    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
27    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
a.teads.tv
10    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
2    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
7    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    18.239.18.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-118.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:225b:9400:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
13    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
7    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    52.28.196.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-42.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    54.205.56.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-56-39.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    34.247.62.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-62-134.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
24    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
6    217.182.178.234 (France)

ASN16276 (OVH, FR)
PTR: ip234.ip-217-182-178.eu
rtb-csync.smartadserver.com
5    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    63.34.44.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-44-38.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.246.105.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-105-162.eu-west-1.compute.amazonaws.com
a.audrte.com
5    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
2    2a05:d018:d29:3605:4d30:662b:6e06:fc7c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
7    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    99.80.224.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-224-8.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
15    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com
acdn.adnxs.com
6    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    43.152.26.104 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
img-as.fsanook.com
6    2607:f8b0:4001:c2e::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    151.101.67.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
1    18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net
aax.amazon-adsystem.com
12    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2.22.242.107 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-242-107.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    54.152.54.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-54-228.compute-1.amazonaws.com
sync.ipredictive.com
2    18.157.105.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-105-44.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2600:9000:237d:0:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:236e:c600:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    35.214.157.145 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 145.157.214.35.bc.googleusercontent.com
grid.bidswitch.net
1    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
1    2607:4f00:944:0:3eec:efff:fed0:86a2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    46.137.57.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-57-151.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
3    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
2    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com
trace-eu.mediago.io
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
3    50.31.142.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
6    79.125.80.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
ce.lijit.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pulsepoint-match.dotomi.com
3    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    43.152.44.84 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
bmedia1.fsanook.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.214.167.88 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 88.167.214.35.bc.googleusercontent.com
csync.loopme.me
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2606:4700:10::6816:3262 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
6    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)
j.adlooxtracking.com
1    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
1    2600:9000:211e:6000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2.19.100.239 (None, )

ASN- ()
hbx.media.net
1    185.83.71.234 (None, )

ASN- ()
sync.adtelligent.com
1    2.19.216.27 (None, )

ASN- ()
contextual.media.net
1    2606:4700:20::681a:467 (None, )

ASN- ()
cdn.aralego.net
1    23.53.232.23 (None, )

ASN- ()
c21lg-d.media.net
Apex Domain
Subdomains		 Transfer
88 isanook.com
s.isanook.com — Cisco Umbrella Rank: 104405
p3.isanook.com — Cisco Umbrella Rank: 140320
sal.isanook.com — Cisco Umbrella Rank: 128331
2 MB
57 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
591 KB
51 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
ut.pubmatic.com — Cisco Umbrella Rank: 7383
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
t.pubmatic.com — Cisco Umbrella Rank: 3180
302 KB
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com
352 KB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
51 KB
22 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
90 KB
21 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
73 KB
19 sanook.com
webboard.sanook.com
www.sanook.com — Cisco Umbrella Rank: 114870
graph.sanook.com — Cisco Umbrella Rank: 200471
sloth-api.sanook.com — Cisco Umbrella Rank: 174787
dc.sanook.com — Cisco Umbrella Rank: 136068
apiu.sanook.com — Cisco Umbrella Rank: 383821
49 KB
18 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
ssp-sync.criteo.com — Cisco Umbrella Rank: 1424
13 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
secure.adnxs.com — Cisco Umbrella Rank: 490
27 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
5 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
grid.bidswitch.net — Cisco Umbrella Rank: 1225
4 KB
9 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
54 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
8 fsanook.com
img-as.fsanook.com — Cisco Umbrella Rank: 183526
bmedia1.fsanook.com — Cisco Umbrella Rank: 443613
4 MB
8 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
4 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
26 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
505 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
data.adsrvr.org — Cisco Umbrella Rank: 5024
2 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
7 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 181883
eu-u.openx.net — Cisco Umbrella Rank: 2043
us-u.openx.net — Cisco Umbrella Rank: 524
2 KB
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
3 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
u.4dex.io — Cisco Umbrella Rank: 3777
27 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
355 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
cs.media.net — Cisco Umbrella Rank: 1236
hbx.media.net
contextual.media.net
c21lg-d.media.net
10 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
104 KB
5 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3041
c1.adform.net — Cisco Umbrella Rank: 583
3 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
5 KB
5 google.ch
www.google.ch — Cisco Umbrella Rank: 29645
752 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19240
pixel.onaudience.com — Cisco Umbrella Rank: 3060
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
374 KB
4 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 23923
j.adlooxtracking.com — Cisco Umbrella Rank: 16912
data00.adlooxtracking.com — Cisco Umbrella Rank: 14341
30 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7333
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
3 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
55 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
beacon.taboola.com — Cisco Umbrella Rank: 18652
7 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
923 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
820 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1664
a.ad.gt — Cisco Umbrella Rank: 1857
5 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
2 KB
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 33189
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 47496
13 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 35342
t.ocmhood.com — Cisco Umbrella Rank: 11670
13 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
266 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
904 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
1 KB
2 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4977
sync.adtelligent.com
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
522 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
69 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
860 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25218
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
562 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
1 KB
2 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 173470
rtbpass.andbeyond.media — Cisco Umbrella Rank: 60982
187 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
69 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 101343
9 KB
1 aralego.net
cdn.aralego.net
1 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1482
712 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
435 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579
555 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3434
440 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6671
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
360 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 33500
412 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
220 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
793 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236
463 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
16 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
624 B
1 mediago.io
trace-eu.mediago.io — Cisco Umbrella Rank: 16575
366 B
1 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 27803
931 B
1 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 27521
sync.aralego.com Failed
176 B
1 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11423
440 B
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 19272
4 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
528 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
187 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
493 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
319 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
673 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1798
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 25584
416 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
738 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 Failed
673 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 37123
699 B
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
513 111
Domain Requested by
80 s.isanook.com www.sanook.com
s.isanook.com
27 pagead2.googlesyndication.com securepubads.g.doubleclick.net
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
www.sanook.com
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 cm.g.doubleclick.net 13 redirects eu-u.openx.net
googleads.g.doubleclick.net
www.sanook.com
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.sanook.com
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
15 tpc.googlesyndication.com d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
www.sanook.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
14 simage2.pubmatic.com ads.pubmatic.com
13 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
eu-u.openx.net
www.sanook.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ce.lijit.com
12 pixel.rubiconproject.com 8 redirects www.sanook.com
11 apiu.sanook.com s.isanook.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 image2.pubmatic.com ads.pubmatic.com
9 ib.adnxs.com 4 redirects ads.pubmatic.com
acdn.adnxs.com
rtbpass.andbeyond.media
googleads.g.doubleclick.net
9 www.google.com 2 redirects www.sanook.com
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 bidder.criteo.com static.criteo.net
rtbpass.andbeyond.media
8 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
www.sanook.com
pagead2.googlesyndication.com
7 s0.2mdn.net www.sanook.com
imasdk.googleapis.com
s0.2mdn.net
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
rtbpass.andbeyond.media
7 match.prod.bidr.io 7 redirects
7 x.bidswitch.net 6 redirects
7 hbopenbid.pubmatic.com ads.pubmatic.com
rtbpass.andbeyond.media
7 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
www.sanook.com
rtbpass.andbeyond.media
6 ps.eyeota.net 6 redirects
6 ce.lijit.com 1 redirects aax-eu.amazon-adsystem.com
ce.lijit.com
6 t.pubmatic.com ads.pubmatic.com
6 csi.gstatic.com securepubads.g.doubleclick.net
cdn.ampproject.org
pagead2.googlesyndication.com
6 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
aax-eu.amazon-adsystem.com
rtbpass.andbeyond.media
6 match.adsrvr.org ads.pubmatic.com
eu-u.openx.net
www.sanook.com
rtbpass.andbeyond.media
6 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
6 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
5 bmedia1.fsanook.com s.isanook.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 bh.contextweb.com 2 redirects aax-eu.amazon-adsystem.com
bh.contextweb.com
5 www.google.ch www.sanook.com
5 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
4 sync.1rx.io 4 redirects
4 s.amazon-adsystem.com 1 redirects www.sanook.com
bh.contextweb.com
4 us-u.openx.net 1 redirects eu-u.openx.net
googleads.g.doubleclick.net
4 ups.analytics.yahoo.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 gum.criteo.com 1 redirects static.criteo.net
ads.pubmatic.com
4 graph.sanook.com s.isanook.com
4 static.criteo.net www.sanook.com
securepubads.g.doubleclick.net
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 u.4dex.io ssbsync.smartadserver.com
ads.pubmatic.com
3 b1sync.zemanta.com 3 redirects
3 lb.eu-1-id5-sync.com ads.pubmatic.com
cdn.id5-sync.com
rtbpass.andbeyond.media
3 ap.lijit.com 1 redirects rtbpass.andbeyond.media
3 c.amazon-adsystem.com www.sanook.com
c.amazon-adsystem.com
3 img-as.fsanook.com www.sanook.com
3 pixel-sync.sitescout.com 3 redirects
3 cms.quantserve.com 3 redirects
3 dis.criteo.com 3 redirects
3 a.teads.tv ads.pubmatic.com
rtbpass.andbeyond.media
3 avd.innity.com avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 sal.isanook.com www.sanook.com
3 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
www.google-analytics.com
2 googleads4.g.doubleclick.net www.sanook.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync.targeting.unrulymedia.com 1 redirects d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 a.tribalfusion.com 1 redirects d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
2 pixel-eu.onaudience.com 2 redirects
2 t.adx.opera.com 2 redirects
2 pixel.tapad.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 onetag-sys.com aax-eu.amazon-adsystem.com
www.sanook.com
2 ssbsync.smartadserver.com 1 redirects www.sanook.com
2 ssp-sync.criteo.com static.criteo.net
www.sanook.com
2 simage4.pubmatic.com ads.pubmatic.com
2 grid.bidswitch.net rtbpass.andbeyond.media
2 script.4dex.io rtbpass.andbeyond.media
script.4dex.io
2 capi.connatix.com 1 redirects www.sanook.com
2 match.sharethrough.com www.sanook.com
ssbsync.smartadserver.com
2 id.hadron.ad.gt cdn.hadronid.net
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com s.isanook.com
imasdk.googleapis.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 p.adlooxtracking.com www.sanook.com
p.adlooxtracking.com
2 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
2 pubmatic-match.dotomi.com 2 redirects
2 creativecdn.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.sanook.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.sanook.com
2 fastlane.rubiconproject.com ads.pubmatic.com
rtbpass.andbeyond.media
2 t.ocmhood.com sdk.ocmhood.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 beacon.taboola.com www.sanook.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 cdn.taboola.com www.sanook.com
cdn.taboola.com
1 c21lg-d.media.net contextual.media.net
1 cdn.aralego.net rtbpass.andbeyond.media
1 contextual.media.net rtbpass.andbeyond.media
1 sync.adtelligent.com rtbpass.andbeyond.media
1 hbx.media.net 1 redirects
1 sync.inmobi.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 data00.adlooxtracking.com j.adlooxtracking.com
1 j.adlooxtracking.com www.sanook.com
1 match.adsby.bidtheatre.com 1 redirects
1 d.turn.com 1 redirects
1 mwzeom.zeotap.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 p.rfihub.com 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 data.adsrvr.org ce.lijit.com
1 pixel-eu.rubiconproject.com 1 redirects
1 secure.adnxs.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 cs.media.net 1 redirects
1 trace-eu.mediago.io 1 redirects
1 a.ad.gt cdn.hadronid.net
1 rtb.adpone.com rtbpass.andbeyond.media
1 hb.aralego.com rtbpass.andbeyond.media
1 prebid.media.net rtbpass.andbeyond.media
1 mp.4dex.io rtbpass.andbeyond.media
1 ghb.adtelligent.com rtbpass.andbeyond.media
1 bs.yandex.ru rtbpass.andbeyond.media
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 id.crwdcntrl.net ads.pubmatic.com
1 live.primis.tech www.sanook.com
1 prebid.a-mo.net www.sanook.com
1 sync.ipredictive.com 1 redirects
1 hb.yahoo.net www.sanook.com
1 px.ads.linkedin.com www.sanook.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 rtbpass.andbeyond.media www.sanook.com
1 cdn.hadronid.net www.sanook.com
1 secure.cdn.fastclick.net www.sanook.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rtbdemand.apiip.net www.sanook.com
1 67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js-sec.indexww.com ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tencentth-d.openx.net ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 rtb-eu.andbeyond.media ads.pubmatic.com
1 dc.sanook.com www.sanook.com
1 mug.criteo.com www.sanook.com
1 ut.pubmatic.com ads.pubmatic.com
1 sloth-api.sanook.com s.isanook.com
1 www.googleadservices.com www.googletagmanager.com
1 www.facebook.com www.sanook.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 sdk.ocmhood.com cdn.taboola.com
1 www.sanook.com
1 webboard.sanook.com 1 redirects
0 sync.aralego.com Failed cdn.aralego.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed ads.pubmatic.com
0 dsum-sec.casalemedia.com Failed googleads.g.doubleclick.net
513 183
Subject Issuer Validity Valid
*.sanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-16 -
2024-07-16		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.isanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-10-23		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2024-01-29 -
2025-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-09 -
2024-02-07		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
ocmtag.com
Cloudflare Inc ECC CA-3		 2023-12-25 -
2024-12-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-29 -
2025-01-03		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.fsanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-13 -
2024-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
apiip.net
Cloudflare Inc ECC CA-3		 2024-01-11 -
2024-12-31		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
id.hadron.ad.gt
E1		 2024-01-27 -
2024-04-26		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2024-01-19 -
2024-02-18		 a month crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-12-19 -
2024-03-18		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
adlooxtracking.com
GTS CA 1P5		 2024-01-25 -
2024-04-24		 3 months crt.sh
*.adlooxtracking.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh

This page contains 71 frames:

Primary Page: https://www.sanook.com/
Frame ID: 16FC0676CD7FA1DBCBF38D4D51450EFA
Requests: 270 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 205952AF4E96B75DA239FF4BA6C04303
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 49CEF0437B99AF55C0A08B4CC99816A7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 5CE527D0C1EB54756D29B702416B3C0F
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: EB05102A6E0F2544C9D0C80B96670327
Requests: 8 HTTP requests in this frame

Frame: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74A3BDF154D98CC436B157045198F579
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06ee65b9-d346-4700-ba4c-dbf0521173fc&gdpr=0&gdpr_consent=
Frame ID: F2EC98C6DB83F3C91D228D9FBD118370
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4EDD8F8DC532F0EC4B6ED9B887D27A32
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: DD091DEE9614D856CDA3F315DC890D02
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
Frame ID: 4BC8916D9C061CE055A587525BD8AC10
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6626623700304249093&gdpr=0&gdpr_consent=
Frame ID: 7527BD20C7ABA2477E256A694CD1F0FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7330122161836193936&gdpr=0&gdpr_consent=
Frame ID: 5FAAD88B0BAB4953DAFDC05E4D7E18C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: FF89A8AB084DC6EB1469CBD488667932
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EaDA0c-KUAtjOXdDlP0h55VYG1Q&gdpr=0&gdpr_consent=
Frame ID: 34F61D1B0C65BDC9EC4CD755CE0B06B8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADi3k7Lc6cAABQCAGhMTQ&gdpr=0&gdpr_consent=
Frame ID: 7F4938FA54B19CFAE481903510B3AD90
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1884283304624959305
Frame ID: 53730A4219E3009E64D9CF3F5EEA4F58
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBsUbCTP_6OmnYVDz9ycwiyXMef8C39WLE1uwG4-oy18VlnykGjHoq-KjR1TkhiSLN2SnZkn6pN0jBz3xeEgAhs7E1FIg1u2dQV_C94ZkJywbtY3XeaQUAvuQGxtDn5b7am6UW7mjltiWcrSHfHCtUEqUFee-HAzgbsctW8m6f56qBLuBRUCNfaVpSf0C5QuliyE4UAbxmYtaQW6O3lCFL6ytD8BHwKdfdPJlGuXW_j1GTApsarPAyC_pJC6XTkwzvtepH2R7S2ABHYy5j9GCFq12csUWYxIInPaJEsx696CMoE6vLqtBoUxWuexfkwk9N2almdxjYmKWcYYlLKYxUE-_doPpeaTmxETDgpRhn1rWWp_Hmb1L2EFXf&sai=AMfl-YTlQx_DLUPE8XMfvBLSUDs0QIC8qM7G3ubBzAoB7B2iYvIitifqvzlWhLaGCBVavDOOR8CPPu1yu38LWPrr6TZxVRYjJuM30OT0I7hjifqM28wfjdoEyTe9eNSjom1i9uLixDhmip6yv7JGkoNHCSM&sig=Cg0ArKJSzNvgW_PTmcrIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 682F9B8CC1CCEC5CDCD4395FDAD5593B
Requests: 14 HTTP requests in this frame

Frame: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11E5234EF1398DBEDBD6C7034CC67906
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 46A9FA6A162D233CC9E7DBCEAB4BB125
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 3A008103A44FD1BAA7C38B3D2491E946
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1DAD6B288B8B20B85528642C06EE9A35
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9241577016607FCD9ADE957137466B92
Requests: 1 HTTP requests in this frame

Frame: https://67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5FF4CEC7498B5FDD781C0C9F2C21C9F4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3sDQKMM6BH1b5wKwg-Cpm0i_1dnfJ-C87qhcu7se9JWWaS7RM3yh_bC0DzYWzhfQr6DxJnPr3tW20tPW1RRN5TG3qfpywGSCKnoIaX8D8tMUgnCHRlHkIe7XXOlbz1NLi3DRJ7x6gEq8b6sQ130QvruoBwLpXKHG9B8MhWOM-ipHPe5I_k7ybBSDVqigvTayWbVop2HN8ojWQpDaET_WHGxlGmzRR7j_4pjzaPypi9bm1Jlj7Wp4pmOnuFWlaPpc1lL6eo9QrBuHmMLL0S-1Ktlqud3oUx-73PWnVIetcsU9khixXwHxv7WcihkNtnpt2EjS8EGmGOXxVZpTJMSYmlHIe1jxT&sai=AMfl-YSRLkOEBj7Pnaf5jzLXDmViBIZOdJz7KjdWBEcvlTmgfTcvJXLvkdVsxhZjDkXno6AoC0K-OQiVutefnYi2utxX0r56BnboPMJuOzsDsuIRSPhTr7JqwLJCfgI5jQ&sig=Cg0ArKJSzPX5meLnDNYWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: FBDB3A3966FF5BD5814D933084222A06
Requests: 3 HTTP requests in this frame

Frame: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1AA69762CFC3749FFFD0004BA3FCFC13
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: 6D2D16E56C209645B9831055A729F4EA
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfbKRC66ykYlNvagAIwAQ&v=APEucNXe_uufkkBrbq-xsui5gSF0enKXmfY3wWGi7f08tadKm6bIGxMf-TpxvZ4ohxVRRYeltfB7Ge8ZQoAgVREztY2L7y33z1nwTouq30GR7xORg8vMVro
Frame ID: 6E35341AD54860759BC97E895DC7EEF7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E312BC2D4E01344684F83A803E853477
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D3B6CC68EE3BD7594A49342BF998BF4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.615.0_en.html
Frame ID: E85306AE3529E204F5E33D530BCE8954
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D901844D8BBDF8CAB6BC0BBD7F0238BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Frame ID: F27AFAA354EA05EC2DE554BB93CD5258
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain
Frame ID: 56CFB6B5D7DADE9894EA42CAD0A9668E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 67A1399706524EB3F0AF111891B06BFE
Requests: 5 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 788F9895EC2431C68B044B7C4E32A4DF
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: AEE2E449669D2C1E172A5552C41E2DB2
Requests: 4 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 8121904BC55E92FF55EE22B87A70C2D5
Requests: 4 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=5322462639283243386&gdpr=0&gdpr_consent=
Frame ID: A60EB285CBD2373745CD7CA3649C37D0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: C543C9F15060A4196109BF146509BCC9
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: CC8E12F42514E67C1E5C266A96EFB2EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 533244875F186BC88E2F0010A191E1E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FA5B29A0AF20934B089240829AE8EB0
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
Frame ID: 455C797F1C9BCC51694BA803D5E97398
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUeefb8bf9417b492cace669cf437a7ad8
Frame ID: 97F495A906D87D8E7836721344BE6D7A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336727736117062
Frame ID: 9FD25BBFE9A10FFE92DF58D63DBD5AA3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B3111FCE81F85E65BA79DE2FF185B01E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbnTSAABW68TOwBK
Frame ID: E4FF6E09D78518BFF1B88F45EF32D682
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D6EA221D851B191E1DD92D96154E5D3A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B25085DD8DC1902A6638D1EEAC881BEC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UaWnMRggXhTVbgYR&gdpr=0&gdpr_consent=
Frame ID: CAE0B33A0BDEDF2D374AE60607435C68
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: FD644824F9197056E2F4349A8C439CB9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 518726648251AB0313B69D7CA22D9250
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D22B95F8575FEC6AF09AFF54BDD6FAEF
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 5E425C992452900EB5995740ABDA2BEE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 117C10F68993FD5F366EDAFD4D1623E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
Frame ID: 5C0F464EBA4430B77E720A14118E2483
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2A0CD7624B904F2592C0E7A29E0182DA&gdpr=0&gdpr_consent=
Frame ID: F6D3F2583F7AFC455956D31516B3C4FD
Requests: 1 HTTP requests in this frame

Frame: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8CD7A4648678B70138B35B42B00B11B
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Frame ID: 729315D533C61D8E76DDCB953113292F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F819654B079A27C11BE96F3B55DD1CA6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 78A73546ACB55327B34A62E9E02366F2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
Frame ID: 0BE5A91B281B076BDF57C2ED6C852C75
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 77225E97AA27FDD20393D2BF42272339
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: CD701328BBBEB472D8E0D977251CB985
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)43979405-4EF2-4FF7-97BB-059840D99A84
Frame ID: 5429E83774E3E309DAEB2853D6B230E6
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)43979405-4EF2-4FF7-97BB-059840D99A84
Frame ID: 077F5463F9FBB2EF77B5CBA59641C028
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=85AD5D58A23383F6&sp=715062&pb=312731&c=750708&a=754412&domain=https://www.sanook.com/
Frame ID: 1C487C761EC8A9254B79F53A32D63478
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Frame ID: 8B1BFAC1CD17D5D8FB9716362685B475
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 395E858FBA6C4F039CC3AAD0333F924C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6A010B1674DE69E269F5CFF4BE2519FE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: FEBB40EC07092C7D12BD2CF008B29F1D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. https://webboard.sanook.com/forum/?action=post2;start=0;board=75 HTTP 301
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

513
Requests

85 %
HTTPS

33 %
IPv6

111
Domains

183
Subdomains

128
IPs

17
Countries

10346 kB
Transfer

21296 kB
Size

178
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webboard.sanook.com/forum/?action=post2;start=0;board=75 HTTP 301
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=RNO5ZdCkJoKKxdwPwNKNoAk&sscte=1&crd=&eitems=ChAIgNnirQYQkeO2uY6iu-wzEh0AQOV8G7RPfaSyw2nnEYV59bDglPjdTr12myCkEA&pscrd=EkpDaEFJZ05uaXJRWVEtN0RJMnMtUGpza0JFaU1BSXRfb0VkQkN4a1dta0tlYTFFSFNLNTlyYU5BaHIxUkV2THdRMmZkajg2dlFsdxpWQ2hFSWdObmlyUVlROXF2QXJZYXItNHktQVJJckFDdUF2ZF9QeERsdkhsMVA1V3B3c2FheGVfVU9iUHQ3dHhJQnQ4ai0tcXpPaXBfWGFUdmNseVVsVUEiEwjQ1se_64aEAxUCRZEFHUBpA5Q HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJZ05uaXJRWVEtN0RJMnMtUGpza0JFaU1BSXRfb0VkQkN4a1dta0tlYTFFSFNLNTlyYU5BaHIxUkV2THdRMmZkajg2dlFsdxpWQ2hFSWdObmlyUVlROXF2QXJZYXItNHktQVJJckFDdUF2ZF9QeERsdkhsMVA1V3B3c2FheGVfVU9iUHQ3dHhJQnQ4ai0tcXpPaXBfWGFUdmNseVVsVUEiEwjQ1se_64aEAxUCRZEFHUBpA5Q&is_vtc=1&ocp_id=RNO5ZdCkJoKKxdwPwNKNoAk&cid=CAQSKQAvHhf_XUzTIfgMlc_SEKkNveqZhaQ0e3nJFZO_7I-DG7OcVYXrp2vx&eitems=ChAIgNnirQYQkeO2uY6iu-wzEh0AQOV8G9P-oz0kYqj3-6wqwb0fV2_O1blzuGaqwg&random=2197211860 HTTP 302
  • https://www.google.ch/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJZ05uaXJRWVEtN0RJMnMtUGpza0JFaU1BSXRfb0VkQkN4a1dta0tlYTFFSFNLNTlyYU5BaHIxUkV2THdRMmZkajg2dlFsdxpWQ2hFSWdObmlyUVlROXF2QXJZYXItNHktQVJJckFDdUF2ZF9QeERsdkhsMVA1V3B3c2FheGVfVU9iUHQ3dHhJQnQ4ai0tcXpPaXBfWGFUdmNseVVsVUEiEwjQ1se_64aEAxUCRZEFHUBpA5Q&is_vtc=1&ocp_id=RNO5ZdCkJoKKxdwPwNKNoAk&cid=CAQSKQAvHhf_XUzTIfgMlc_SEKkNveqZhaQ0e3nJFZO_7I-DG7OcVYXrp2vx&eitems=ChAIgNnirQYQkeO2uY6iu-wzEh0AQOV8G9P-oz0kYqj3-6wqwb0fV2_O1blzuGaqwg&random=2197211860&ipr=y
Request Chain 101
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Request Chain 114
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Fr6H0HxTVWRDZjkvSkVjL0hIRkRJamFUbjBNZ1ZhNFZ4WjZROG1NK3QyTERGQ1MraWRHUno2UTJ1T2VldUhXMEZuNHRDb05PZ1NRdGphdWlzSGxkKythalc4Mk5yaThRMXZYZElHc1JwT3Y4clh1UzczUmhPd3M4NXdkTUhMUy9SdDhqcDdxTUVJWUZNM3pjN0w2ZXVBbGJNL1ppVG5EOURpSVh1K2tPaTYzTFF6cUdsT0FKTjNNYnE1Yzh4cFMwT3cxbGVIc2NRWUZzWHhiMjYzRGpzYzViU21FT0lXUDBkdFlnRjFnb0doUWhjZllFcS9QN3E2RXRlaEFsaUkzUjVVUjJxZ1Z0SGw5UmRHUnVMMXcvRklUWit5MzhvbUVMb0tXbzVwanVDSlc5U2poWT18&cppv=2
Request Chain 161
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06ee65b9-d346-4700-ba4c-dbf0521173fc&gdpr=0&gdpr_consent=
Request Chain 162
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 163
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 164
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
Request Chain 165
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6626623700304249093&gdpr=0&gdpr_consent=
Request Chain 166
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7330122161836193936&gdpr=0&gdpr_consent=
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e44ed6c8-35cc-4641-b331-06086abd0ea2&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 168
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EaDA0c-KUAtjOXdDlP0h55VYG1Q&gdpr=0&gdpr_consent=
Request Chain 169
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaTNrN0xjNmNBQUJRQ0FHaE1UUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADi3k7Lc6cAABQCAGhMTQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5322462639283243386&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADi3k7Lc6cAABQCAGhMTQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5322462639283243386%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5322462639283243386&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADi3k7Lc6cAABQCAGhMTQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADi3k7Lc6cAABQCAGhMTQ&gdpr=0&gdpr_consent=
Request Chain 170
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1884283304624959305
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 172
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=&ct=y
Request Chain 173
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1654995395
Request Chain 174
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=43979405-4EF2-4FF7-97BB-059840D99A84 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDExQWxySzlGSTRTSEs3Rzk5bFVxWWEtQQ%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5709976349021260889&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM5Nzk0MDUtNEVGMi00RkY3LTk3QkItMDU5ODQwRDk5QTg0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKt_W4JRJ-yoZFvbw2EoXbo&google_cver=1
Request Chain 178
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5709976349021260889
Request Chain 181
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fbafbKpE2uUvz3smi3cDahI_w3gFAjU-~A&gdpr=0
Request Chain 182
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Request Chain 183
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
Request Chain 184
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24a5640f2bd41594&is_secure=true&networkId=17100&version=1&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIw-uaJBMOowMimYNWAAAAAAA&expiration=1706763461&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 209
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=GJJz60qUJecDkCjqTJI8sxuXd-ADnyWxGMHOaFNA
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5709976349021260889
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAAPUVtqp7TMwuirtzyD7Qg&google_cver=1&gdpr=0
Request Chain 270
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
Request Chain 276
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 283
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5t7lPs4HsM1qlMjHm1PS3Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v6O.ns9E2oJANCXnWUMCePm3PfLy9OyVpHIQzQ--~A
Request Chain 284
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxQkdHTVUtNi1KREI0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHjaWHNt6YNupyCrzhLPqY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxQkdHTVUtNi1KREI0&google_push=
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8h7x7ApITyqehqQP5n38lA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8h7x7ApITyqehqQP5n38lA
Request Chain 287
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1BGGMU-6-JDB4
Request Chain 288
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU1Y2MwZDIyZmJlMzU4ODViN2U3NWJkNDg1YTZkNTJhNzk5MmUxNw
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAXkLaOQ3ckyn111ReepyM4&google_cver=1
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok
Request Chain 291
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dRKhfsfHTZS_vpgiRDVq2Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dRKhfsfHTZS_vpgiRDVq2Q
Request Chain 292
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADi3k7Lc6cAABQCAGhMTQ&expires=30
Request Chain 293
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS1BGGMU-6-JDB4&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS1BGGMU-6-JDB4&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UeTY3aEZwRTJ1RUlUVWxvaDNoQWpZVDBKTFhXVmFLS35B&ovsid=LS1BGGMU-6-JDB4&dpid=58160
Request Chain 294
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6ae51bd1-a233-4fd8-98f5-ddbbd65f9a5f&expires=30
Request Chain 295
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS1BGGMU-6-JDB4
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 297
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS1BGGMU-6-JDB4
Request Chain 298
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS1BGGMU-6-JDB4
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-pso2Q-zSdvYUt1CVfsX1iKRIp3sXnxcDUvmzjA HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-pso2Q-zSdvYUt1CVfsX1iKRIp3sXnxcDUvmzjA&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&u=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
Request Chain 375
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=f34e96990a4aa6eb2nqrm600ls1bgidy
Request Chain 376
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3496786637934849000V10
Request Chain 377
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Request Chain 380
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=5322462639283243386&gdpr=0&gdpr_consent=
Request Chain 381
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bEpNYlc2Z25SSXozakl0ejJWUW82UQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPAZvrX15QqijfrbfHjcV7M&google_cver=1
Request Chain 385
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=7d2b42230dad18f1&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIDmBsQS56hQNzRWhhAAAAAAA&expiration=1706763463&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 389
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5322462639283243386&gdpr=0&gdpr_consent=
Request Chain 390
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=35fda205-af75-486f-b445-828894e766ae&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 391
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6626623700304249093&gdpr=0&gdpr_consent=
Request Chain 392
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTMyMjQ2MjYzOTI4MzI0MzM4Ng==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFOfma2McrWZelkrJXxE2Og&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 395
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0&khaos=LS1BGGMU-6-JDB4 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 398
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?3pid=AADi3k7Lc6cAABQCAGhMTQ&pid=85&gdpr=0
Request Chain 399
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dd059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dd059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dd059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
Request Chain 400
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=UuA4zY9ygAHE&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 402
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPUeefb8bf9417b492cace669cf437a7ad8&gdpr=0&gdpr_consent=&pid=103
Request Chain 425
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUeefb8bf9417b492cace669cf437a7ad8
Request Chain 426
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336727736117062
Request Chain 427
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 428
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbnTSAABW68TOwBK
Request Chain 431
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050UaWnMRggXhTVbgYR%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=ac1c4c30844d9f85e13ebf3c9382aae4&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050UaWnMRggXhTVbgYR%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UaWnMRggXhTVbgYR&gdpr=0&gdpr_consent=
Request Chain 434
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 437
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1706677064496 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7344063139 HTTP 302
  • https://sync.1rx.io/usersync/turn/7074598175722257285?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e6bb17fd-fe96-4226-b35d-349650324f34-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
Request Chain 438
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2A0CD7624B904F2592C0E7A29E0182DA&gdpr=0&gdpr_consent=
Request Chain 440
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 441
  • https://pixel.onaudience.com/?partner=214&mapped=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=5b57fd3a5a820740 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=5b57fd3a5a820740 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkZ4UHBXNzU4SVdKUFdsY1R0elUyUHhacHFETkFka25hc0lTWjBEemZPUU0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEJKiSz8bEE67-L_JaoDyI_E&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7074598175722257285&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?uid=ZbnTSAABW68TOwBK&bid=0rijhbu&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?uid=6626623700304249093&bid=2cr76e1&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 442
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7074598175722257285&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 443
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e9c3b3bc-3705-4fd0-aff5-bb5f23b01245&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF9SUTIN1jJVbWFbmdshfWY&google_cver=1
Request Chain 457
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjYyMzcwMDMwNDI0OTA5Mw%3D%3D
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1&gdpr=0
Request Chain 459
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjIzY2JhMjQtMjE5ZC02YTkyLTc2MjEtNjBmZjk5MzIyOWNl
Request Chain 472
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKRYFt2kMhmnJAfE6pGCDog&google_cver=1&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZzDfryC4VK4yxqsYbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDEyMjE2MTgzNjE5MzkzNg%3D%3D&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZzDfryC4VK4yxqsYbQ
Request Chain 473
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT2dfgCK7-UYiA9X9_rOKbSRTLBolAMmvhwo3Y3cUmihoWy3DsMz7Sb_BUDc0ErWBecHAHgppik29MUZq3WU9IURbSc5dWW2Q&google_gid=CAESECeFMY1fgq-Pjawr6xFdUo8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-X46T7ezSdvYUt1CVfsX1iKRIp3tlKA5kqHVHtA&google_push=AXcoOmT2dfgCK7-UYiA9X9_rOKbSRTLBolAMmvhwo3Y3cUmihoWy3DsMz7Sb_BUDc0ErWBecHAHgppik29MUZq3WU9IURbSc5dWW2Q
Request Chain 474
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOxK7NKKh1g6kqOqRtfuBn4&google_cver=1&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOxK7NKKh1g6kqOqRtfuBn4&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs&google_hm=Y1ozR1BrUl83MmkwM29zREFFbFo=
Request Chain 475
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPq4BikcKr1zg7TjXsjpngI&google_cver=1&google_push=AXcoOmRw6209LZIGYZFv14jeI-YfvgzhX6N40jhmWlkqkdqr3VaGVV6m1qRsDcK7cvgk-P_mprKxXGDVH_bCDeoWaOOmcVTM9bFTvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRw6209LZIGYZFv14jeI-YfvgzhX6N40jhmWlkqkdqr3VaGVV6m1qRsDcK7cvgk-P_mprKxXGDVH_bCDeoWaOOmcVTM9bFTvw
Request Chain 476
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAYOKg5IqXFqL-lkig-JJro&google_cver=1&google_push=AXcoOmQJ0EY4LVCpwbUxXyXuQj15bvPLCyyDeAH9YgifLIVjO7lUN540MSP-yPFLY17xPOmQ91bue2SZDKU6f8FRC8GugxrRy-ezFA HTTP 302
  • https://sync.1rx.io/usersync/smaato/df2a3a0eef?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
Request Chain 477
  • https://sync.inmobi.com/gob?google_gid=CAESEJ2c11eaVj0slYbCqmo9XhI&google_cver=1&google_push=AXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr931HpfIXDw2m5A_4wOVeHzpuZBpUO3X_Oqxb_65Ktyd-uZpsYgM9yDkM HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr931HpfIXDw2m5A_4wOVeHzpuZBpUO3X_Oqxb_65Ktyd-uZpsYgM9yDkM
Request Chain 504
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D85AD5D58A23383F6%26sp%3D715062%26pb%3D312731%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fwww.sanook.com%2F HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=85AD5D58A23383F6&sp=715062&pb=312731&c=750708&a=754412&domain=https://www.sanook.com/
Request Chain 509
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=TgaWCBwAwARVBM0JGgbZUE0DkgNVC8BSTlXKgIvJ

513 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • https://webboard.sanook.com/forum/?action=post2;start=0;board=75
  • https://www.sanook.com/
282 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
0544e1d97cf6e449ad57604a9764c60f60229d082f889ecedf3d9dc941712275
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
public, s-maxage=15, max-age=5, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 04:57:39 GMT
Proxy-Cache-Status
HIT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human

Redirect headers

content-length
185
content-type
text/html
date
Wed, 31 Jan 2024 04:57:38 GMT
location
https://www.sanook.com/
server
nginx/1.14.0
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1011713/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OfFW3qSCFTk8stQse__31i5akmTWt65R
content-encoding
gzip
via
1.1 varnish
date
Wed, 31 Jan 2024 04:57:39 GMT
x-amz-request-id
QTN6C8TJRN1MN4P6
age
16889
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5678
x-amz-id-2
WUyLozhKtPWJGK4/fCNvdOqSIopCaQ4BzHTJ5i2ZOn6McbdE3RGIHWKQ1QtodtRK/mGBKy0dunw=
x-served-by
cache-mxp6963-MXP
last-modified
Thu, 26 Oct 2023 09:07:03 GMT
server
AmazonS3
x-timer
S1706677060.814302,VS0,VE1
etag
"e2595c8172706b041a90c945e3638320"
vary
Accept-Encoding
content-type
application/octet-stream
abp
28
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 06:27:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9763246181840015317
accept-ranges
bytes
content-length
548
expires
Sat, 17 Feb 2024 06:27:59 GMT
publishertag.js
static.criteo.net/js/ld/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-1fcd8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 04:57:39 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 08:39:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
age
93532
etag
"5296e90f-177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17168042451736787576
accept-ranges
bytes
content-length
266
expires
Sat, 27 Jan 2024 06:40:41 GMT
gtm.js
www.googletagmanager.com/ 		296 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1ddb96fb74f03564fcc5cd558ac7817297de52876984edeb9b1e1955d5c81e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96545
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jan 2024 04:57:40 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
ab7bf0e3b2173a1cd69290af67819c38eaf2e4a425863538e092d08e97bfccee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
last-modified
Thu, 25 Jan 2024 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
8719
expires
Wed, 7 Feb 2024 4:57:40 GMT
a102.js
sal.isanook.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 01 Mar 2024 04:57:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jan 2024 04:57:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
OV279t1TRXn+D98dhntur5Z1H8MyAuCgRb2vQzlGFjWkLa4uVlPjKGbkld7bQ9senwXBWW5GB+NCBj0cw5Vjxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 07 Dec 2023 11:01:57 GMT
server
cloudflare
etag
W/"6571a625-2ef3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Q6Tiagh6PUcTJltnVop1qOS60VQbAostCjvxiReyhWe5R8C2lsmHCA2segzC3%2Fl13%2FwtA7zPWH%2F0bcLFbWaHFRnX9bEzxOs55g7W3Y6jWDhC%2BJrb6rfgJcXqzMMo4Uut86iVZLdzvmfqqPsTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84df60092c8f0418-FRA
0edade65c094e5997049.css
s.isanook.com/sr/0/_next/static/css/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/0edade65c094e5997049.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:51:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 05 Jan 2024 09:58:40 GMT
server
Lego Server
age
0
etag
W/"6597d2d0-acba"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
8813164379861436368
accept-ranges
bytes
content-length
9167
expires
Tue, 06 Feb 2024 19:51:42 GMT
webpack-1cbb336ff82ed96296a3.js
s.isanook.com/sr/0/_next/static/chunks/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-1cbb336ff82ed96296a3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2e16af1174a94ddfda847bcf35f683e898eb3f2b39b6852fbde88140f192d503

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:53:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9919
server
Lego Server
age
0
etag
W/"65b3569f-26bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17614876195946157781
accept-ranges
bytes
content-length
4997
expires
Sun, 25 Feb 2024 06:53:33 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:42:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
150360
server
Lego Server
age
804
etag
"65b3360d-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10520831876626603857
accept-ranges
bytes
content-length
45664
expires
Sun, 25 Feb 2024 06:03:39 GMT
main-6fc29b940dae36eaf931.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:26:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
76518
server
Lego Server
age
73556
etag
W/"65a894da-12ae6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4164045878235617159
accept-ranges
bytes
content-length
23803
expires
Sat, 17 Feb 2024 10:05:04 GMT
_app-dbd0cb309ee161b5c4fe.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		789 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
891d91561eb4ec2f07950731425b4edfb16143cad18f143fbf710d9f4ccddfaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 03:22:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
808398
server
Lego Server
age
0
etag
W/"65b1cfc3-c55ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8191857725718354760
accept-ranges
bytes
content-length
194070
expires
Sat, 24 Feb 2024 03:22:11 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:28:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 05 Jan 2024 09:58:39 GMT
server
Lego Server
age
48737
etag
W/"6597d2cf-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6895190915198565454
accept-ranges
bytes
content-length
2738
expires
Mon, 05 Feb 2024 03:28:50 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 05:56:55 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13794
server
Lego Server
age
0
etag
W/"65b1ecb4-35e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2271744963387218058
accept-ranges
bytes
content-length
4712
expires
Sat, 24 Feb 2024 05:56:55 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:00:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 04 Jan 2024 03:55:42 GMT
server
Lego Server
age
187226
etag
W/"65962c3e-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10666503325112573950
accept-ranges
bytes
content-length
16570
expires
Sat, 03 Feb 2024 13:00:40 GMT
3253-53ff7ff6e0b6ee493cc0.js
s.isanook.com/sr/0/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3253-53ff7ff6e0b6ee493cc0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:50:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
24873
server
Lego Server
age
264715
etag
"659cbbc9-6129"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13738561786515552213
accept-ranges
bytes
content-length
7130
expires
Fri, 09 Feb 2024 03:50:50 GMT
6261-0b9100df4de35e339621.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6261-0b9100df4de35e339621.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:28:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29406
server
Lego Server
age
0
etag
W/"6597d2ce-72de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
967845132366170604
accept-ranges
bytes
content-length
6705
expires
Mon, 05 Feb 2024 03:28:52 GMT
2144-fc95701658e9dbc62ba5.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2144-fc95701658e9dbc62ba5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 10:49:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:00:34 GMT
server
Lego Server
age
0
etag
W/"65a0ab52-25db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4490870130605176735
accept-ranges
bytes
content-length
3462
expires
Tue, 13 Feb 2024 10:49:35 GMT
617-ce3dea63b3c20710b129.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-ce3dea63b3c20710b129.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 15:32:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 25 Dec 2023 07:17:38 GMT
server
Lego Server
age
0
etag
W/"65892c92-3e9e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17604198725281054860
accept-ranges
bytes
content-length
4551
expires
Tue, 30 Jan 2024 15:32:16 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:00:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6871
server
Lego Server
age
0
etag
W/"65b0e1a4-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11075625257780517052
accept-ranges
bytes
content-length
2537
expires
Fri, 23 Feb 2024 14:00:24 GMT
7774-63cb27c5e3276b7f2e71.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7774-63cb27c5e3276b7f2e71.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a0cb046405aa259db5df73b27a363ce4c8ab963ab135c644d7e4a73fb50c2dce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:01:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
12913
server
Lego Server
age
0
etag
W/"65b1ecb4-3271"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
36138185243051351
accept-ranges
bytes
content-length
5488
expires
Sat, 24 Feb 2024 16:01:49 GMT
3051-bf42533dcd722fe36384.js
s.isanook.com/sr/0/_next/static/chunks/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:43:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 26 Jan 2024 08:19:08 GMT
server
Lego Server
age
52831
etag
W/"65b36afc-1496c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1004347673525714806
accept-ranges
bytes
content-length
27689
expires
Mon, 26 Feb 2024 18:03:29 GMT
5616-5f8425f3631c502b5b56.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 05:05:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 25 Dec 2023 07:17:38 GMT
server
Lego Server
age
0
etag
W/"65892c92-2370"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5546580438863695407
accept-ranges
bytes
content-length
3081
expires
Mon, 29 Jan 2024 05:05:35 GMT
6066-d50250a536141f89d39a.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 02:29:23 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 25 Jan 2024 05:08:05 GMT
server
Lego Server
age
0
etag
W/"65b1ecb5-95e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1724370246477608064
accept-ranges
bytes
content-length
10437
expires
Sun, 25 Feb 2024 02:29:23 GMT
5949-ac9935b6efbd2da19187.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5949-ac9935b6efbd2da19187.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 05:35:08 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:00:36 GMT
server
Lego Server
age
0
etag
W/"65a0ab54-1242"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16703387933759881485
accept-ranges
bytes
content-length
2147
expires
Mon, 12 Feb 2024 05:35:08 GMT
6876-8ff5ec0b004769cf30cd.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6876-8ff5ec0b004769cf30cd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:37:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11452
server
Lego Server
age
20680
etag
W/"659bd0c0-2cbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1332043449243145404
accept-ranges
bytes
content-length
3888
expires
Wed, 07 Feb 2024 11:37:59 GMT
9826-a6b080a9d148f6d33282.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9826-a6b080a9d148f6d33282.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 03:56:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
51343
server
Lego Server
age
170385
etag
W/"65892c92-c88f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2182508750898651399
accept-ranges
bytes
content-length
7614
expires
Wed, 31 Jan 2024 03:56:03 GMT
5503-b2397f73d06c2a9e1092.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5503-b2397f73d06c2a9e1092.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:26:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 15 Dec 2023 03:31:51 GMT
server
Lego Server
age
125750
etag
W/"657bc8a7-9257"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16461665663917214553
accept-ranges
bytes
content-length
7759
expires
Wed, 31 Jan 2024 17:26:42 GMT
1190-6fbfa2ce479b12e157f0.js
s.isanook.com/sr/0/_next/static/chunks/ 		208 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1190-6fbfa2ce479b12e157f0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0bf235f65552d14d9d2c2d786276b2a1c1ee7b2969646805c214e3e3c8de3145

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 03:22:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
213056
server
Lego Server
age
0
etag
W/"65b1cfc1-34040"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8049469694498910207
accept-ranges
bytes
content-length
44242
expires
Sat, 24 Feb 2024 03:22:11 GMT
3316-1075f88424a7f97fd556.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-1075f88424a7f97fd556.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:08:17 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"65b1ecb4-4661"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4278918116744903915
accept-ranges
bytes
content-length
4349
expires
Sat, 24 Feb 2024 07:08:17 GMT
5269-b7e44080fa2ad5a29a4f.js
s.isanook.com/sr/0/_next/static/chunks/ 		248 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5269-b7e44080fa2ad5a29a4f.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 11:32:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
253795
server
Lego Server
age
0
etag
W/"65a0ab54-3df63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7038269520618919948
accept-ranges
bytes
content-length
20268
expires
Mon, 12 Feb 2024 11:32:41 GMT
4374-91615dc559f3faf9c086.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4374-91615dc559f3faf9c086.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 04:05:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 25 Dec 2023 07:17:38 GMT
server
Lego Server
age
170385
etag
W/"65892c92-42ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10515155251793070561
accept-ranges
bytes
content-length
3908
expires
Wed, 31 Jan 2024 04:05:53 GMT
7634-04c472fae60f45a849a0.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-04c472fae60f45a849a0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 02:56:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
14298
server
Lego Server
age
13
etag
W/"6597d2ce-37da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17975683085762003885
accept-ranges
bytes
content-length
2627
expires
Tue, 06 Feb 2024 02:56:27 GMT
9063-94a08e25bf4dc2bdaf80.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9063-94a08e25bf4dc2bdaf80.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:41:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11925
server
Lego Server
age
376243
etag
W/"65a656a2-2e95"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12731583498603037830
accept-ranges
bytes
content-length
3791
expires
Fri, 16 Feb 2024 16:41:24 GMT
2511-f871ee9e29fdbfa53ccc.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2511-f871ee9e29fdbfa53ccc.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:35:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 09 Jan 2024 03:21:48 GMT
server
Lego Server
age
0
etag
"659cbbcc-3ef7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
236731443726139855
accept-ranges
bytes
content-length
3118
expires
Thu, 08 Feb 2024 15:35:18 GMT
7605-85e9d31bd7efd778ba22.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7605-85e9d31bd7efd778ba22.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:34:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18841
server
Lego Server
age
0
etag
W/"65a656a0-4999"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4952262373264149011
accept-ranges
bytes
content-length
3020
expires
Fri, 16 Feb 2024 08:34:38 GMT
41-19d1361a0a05cc250666.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/41-19d1361a0a05cc250666.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1dd45e485598f5208a4054697253d9aa0e864526e88d5279bdd5cbc41a8030a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:06:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 22 Jan 2024 02:50:52 GMT
server
Lego Server
age
89
etag
W/"65add80c-7475"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8154693963423115434
accept-ranges
bytes
content-length
7577
expires
Wed, 21 Feb 2024 03:06:28 GMT
2429-39e9fa0c84870e2cfdda.js
s.isanook.com/sr/0/_next/static/chunks/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2429-39e9fa0c84870e2cfdda.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e1a88c045dd83d86979e0bf84f2164a847c0305830c9f9d8c79f757f7e7b5dd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:43:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
43030
server
Lego Server
age
0
etag
W/"65af3564-a816"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12776930892595646418
accept-ranges
bytes
content-length
9169
expires
Thu, 22 Feb 2024 03:43:22 GMT
firstpage-d47d385ef9c161448e4f.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		301 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-d47d385ef9c161448e4f.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
988b83ee1fe44c20e785b2e6cdac18ca31e83268c82a85ab92ac4fcca73230b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 03:22:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
308189
server
Lego Server
age
0
etag
W/"65b1cfc2-4b3dd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2898603835162531001
accept-ranges
bytes
content-length
48998
expires
Sat, 24 Feb 2024 03:22:11 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/qAOojR516G1eqysPxieYS/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qAOojR516G1eqysPxieYS/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4c188781ed45684ad88eaab658950fc725d584df86276cbcd55602e92d9cde9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 08:38:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
27369
server
Lego Server
age
0
etag
W/"65b36afc-6ae9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11185952200782198805
accept-ranges
bytes
content-length
6794
expires
Sun, 25 Feb 2024 08:38:40 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/qAOojR516G1eqysPxieYS/ 		77 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qAOojR516G1eqysPxieYS/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 08:38:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
77
server
Lego Server
age
0
etag
"65b36afc-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7683153142118979546
accept-ranges
bytes
content-length
61
expires
Sun, 25 Feb 2024 08:38:40 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 06:08:28 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 08 Feb 2011 09:07:23 GMT
server
Lego Server
age
0
etag
"4d5107cb-2b"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14327694323955082450
accept-ranges
bytes
content-length
43
expires
Sat, 24 Feb 2024 06:08:28 GMT
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 18:27:55 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"659bd0cc-b1f"
content-type
image/png
x-nws-log-uuid
14137612006740456431
accept-ranges
bytes
content-length
2847
expires
Mon, 08 Jan 2024 18:32:55 GMT
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:58:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 24 Jan 2024 10:08:51 GMT
server
Lego Server
age
0
etag
W/"65b0e1b3-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
9474442948766884422
accept-ranges
bytes
content-length
548
expires
Fri, 23 Feb 2024 23:58:14 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:19:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 09 Jan 2024 03:22:06 GMT
server
Lego Server
age
264725
etag
W/"659cbbde-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11495427416139348544
accept-ranges
bytes
content-length
1827
expires
Sat, 10 Feb 2024 09:19:42 GMT
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 05:32:20 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:00:51 GMT
server
Lego Server
age
0
etag
"65a0ab63-8c6"
content-type
image/png
x-nws-log-uuid
1190554892753760241
accept-ranges
bytes
content-length
2246
ic-findluckynumber.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-findluckynumber.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 03:49:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 25 Jan 2024 03:04:50 GMT
server
Lego Server
age
164814
etag
W/"65b1cfd2-9f1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
10595598908352290510
accept-ranges
bytes
content-length
1107
expires
Sat, 24 Feb 2024 03:49:16 GMT
sanook_thumbnail_1200x720(5).jpg
s.isanook.com/fi/0/fp/396/1981933/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981933/sanook_thumbnail_1200x720(5).jpg?ip/crop/w555h333/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4f05a8b84787d2326b021102a13be8c6caae7d14dc9935b5b57dd00c36f4b287
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:24:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
16392609872302936133
accept-ranges
bytes
content-length
55690
expires
Fri, 01 Mar 2024 04:24:37 GMT
cv(1).jpg
s.isanook.com/fi/0/fp/372/1864541/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/372/1864541/cv(1).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b01debabf93d1b97756945c1a1ea5a8f1a4cb48fbe8ec4749eee0c674a843e4a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:32:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
9858028830028337977
accept-ranges
bytes
content-length
11941
expires
Fri, 01 Mar 2024 03:32:29 GMT
ls11.jpg
s.isanook.com/fi/0/fp/396/1981605/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981605/ls11.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ceee6253b0c02a4dde8022cc5ced8fbcbd0e08aae3219472adadccff3bdf1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:09:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2337803855854135649
accept-ranges
bytes
content-length
8681
expires
Fri, 01 Mar 2024 01:09:11 GMT
p_sport-2024-01-30t183027.7.jpg
s.isanook.com/fi/0/fp/396/1981853/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981853/p_sport-2024-01-30t183027.7.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0c44239c0413ae336a3871906e4fc1a415d9a076157f92d250bfae2187ce1c7f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:08:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
66
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
5438478725329390355
accept-ranges
bytes
content-length
12599
expires
Fri, 01 Mar 2024 01:08:04 GMT
t1.jpg
s.isanook.com/fi/0/fp/396/1981617/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981617/t1.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7ab5ebf479a3bc31f6eefd301a5d66b04aedc64efbf6715dbbcfa0d700d7106c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:09:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
8628341423843311743
accept-ranges
bytes
content-length
13038
expires
Fri, 01 Mar 2024 01:09:12 GMT
5555.jpg
s.isanook.com/fi/0/fp/396/1981845/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981845/5555.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1bb33ed1b1cf3a7c80816f7acb4ced11f95e82ae3d1be6b8dd0bf3e726ce1a64
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:08:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2925921513806918955
accept-ranges
bytes
content-length
5069
expires
Thu, 29 Feb 2024 21:08:39 GMT
when.jpg
s.isanook.com/fi/0/fp/396/1981837/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981837/when.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b49205aa129e1c42ff0d1bc2fb22ecdc59c81f9239a30a65a600e98774380764
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:09:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6702922912203577313
accept-ranges
bytes
content-length
6078
expires
Fri, 01 Mar 2024 01:09:14 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/396/1981445/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981445/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ad733b54fca6f8bd4d92d7f39b1dde90447eab356325b76565ed8fd613bab568
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 05:08:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
14
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
14682211883996744877
accept-ranges
bytes
content-length
7344
expires
Thu, 29 Feb 2024 05:08:23 GMT
sanook_thumbnail_1200x720(4).jpg
s.isanook.com/fi/0/fp/396/1981929/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981929/sanook_thumbnail_1200x720(4).jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1525feeba7d859bacf296e2e4ad7e60f289bb5196518171d7a63990d7f5000af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:21:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
35
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
718910869308709168
accept-ranges
bytes
content-length
5673
expires
Fri, 01 Mar 2024 04:21:54 GMT
h1.jpg
s.isanook.com/fi/0/fp/396/1981593/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981593/h1.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
74aa6309019c092ba8f296910376b27b4b5b10a1dc0df0120b9ed7cacc696d57
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:08:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
1668937058577601902
accept-ranges
bytes
content-length
5631
expires
Thu, 29 Feb 2024 21:08:39 GMT
4.jpg
s.isanook.com/fi/0/fp/396/1981705/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981705/4.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6a7a5d4880da094eecc92162547af4f043c0787e82d15acdad4c361ec2cbca1f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:14:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
9
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
905135803444298264
accept-ranges
bytes
content-length
5203
expires
Fri, 01 Mar 2024 04:14:33 GMT
sanook_thumbnail_1200x720(3).jpg
s.isanook.com/fi/0/fp/396/1981925/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981925/sanook_thumbnail_1200x720(3).jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b407a035f634ba58a48d7c4d71ff2ea9ef17d046006afb29d2800fc0c853a587
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:22:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4803199169167391933
accept-ranges
bytes
content-length
7175
expires
Fri, 01 Mar 2024 04:22:03 GMT
sanook_thumbnail_1200x720-2.jpg
s.isanook.com/fi/0/fp/396/1981821/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/396/1981821/sanook_thumbnail_1200x720-2.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7bd1455aad3de557a37e6f8cdf433113d3117bdeff1e909326542461918668f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:08:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
54
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
17831931207355103503
accept-ranges
bytes
content-length
5515
expires
Fri, 01 Mar 2024 01:08:20 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:17:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
age
1128374
etag
"591c0bd4-219"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9177364756968760903
accept-ranges
bytes
content-length
363
expires
Wed, 14 Feb 2024 07:17:39 GMT
NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
cdn.ocmtag.com/tag/ 		191 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3143
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 27 Apr 2023 11:52:10 GMT
server
cloudflare
etag
W/"644a61ea-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0Kmbixc52h7Pyh%2FQ9YK4uSSDWMI63vm6%2FfMUS8%2BEGfgy8Gu%2BlASoYqEJRB9maTIjWXzI%2BjtdxhZENg3%2FRKzXRTHEcGjVpHysBWNVKfxBZRdGkiZAUyYmLeKfMHhEKq5hsp511ag9%2F%2BB1ycmfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84df600caa626403-LHR
/
beacon.taboola.com/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6963-MXP
date
Wed, 31 Jan 2024 04:57:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706677061.518211,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
1489944661112333
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.143&r=stable&domain=www.sanook.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d3fe96e73e70758366f33ffc86ef6a6e07a00ff53a64f17fa1ab86bf125db49
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jan 2024 04:57:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11275
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
opQw3yzUBFJ5h3PLTtVZ2z95qDSY3qUHCx9T/7mUVHRfmcucrYVEIQ4WEbveourTYge9wNaiU0uLBpHwOVXonw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1706677060122&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706677060122.1819262187&ler=empty&cdl=API_unavailable&it=1706677060092&coo=false&exp=e1&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jan 2024 04:57:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 08:42:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 09 Jan 2024 03:22:13 GMT
server
Lego Server
age
353
etag
W/"659cbbe5-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2842117559562660963
accept-ranges
bytes
content-length
4394
expires
Sat, 10 Feb 2024 08:42:19 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:00:25 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 24 Jan 2024 10:08:39 GMT
server
Lego Server
age
0
etag
"65b0e1a7-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
13016208709986171545
accept-ranges
bytes
content-length
51420
expires
Fri, 23 Feb 2024 14:00:25 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 06:48:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 22 Jan 2024 02:57:36 GMT
server
Lego Server
age
119853
etag
W/"65add9a0-7a90"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
9696001159115905794
accept-ranges
bytes
content-length
31404
expires
Wed, 21 Feb 2024 06:48:36 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:49:09 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 23 Jan 2024 03:41:28 GMT
server
Lego Server
age
0
etag
"65af3568-cf40"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6125628149507089030
accept-ranges
bytes
content-length
53056
expires
Thu, 22 Feb 2024 06:49:09 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:51:45 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 24 Jan 2024 10:08:39 GMT
server
Lego Server
age
0
etag
"65b0e1a7-c930"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5836650645174086559
accept-ranges
bytes
content-length
51504
expires
Fri, 23 Feb 2024 16:51:45 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:50:20 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 26 Jan 2024 08:19:13 GMT
server
Lego Server
age
10155
etag
"65b36b01-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
8068803735097783844
accept-ranges
bytes
content-length
32244
expires
Tue, 27 Feb 2024 05:50:20 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6f8f2872d528851736bcf402909630869818b03463f47db33f9b7cd22c41ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89431
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 04:57:40 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1706677060185&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c79d82bc0a6edf1dadbf329a8c1f83b464693eb42d829dad0e94593a7a94d392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1706677060189&cv=11&fst=1706677060189&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59ecfbda6cc065e29f35167304c3fa56b28a06a147c6a043344b111ba4f60f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jan 2024 03:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4171
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 31 Jan 2024 05:48:09 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je41t0v888883767z877572129&_p=1706677059783&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1952691386.1706677060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1706677060&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1706677060182.pxex9iyf&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0&tfd=2549
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=1952691386.1706677060&gtm=45je41t0v888883767z877572129&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=1952691386.1706677060&gtm=45je41t0v888883767z877572129&aip=1&dma=0&gcd=11l1l1l1l1&z=1116492876
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.20.1
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1914922
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Thu, 22 Feb 2024 08:53:02 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:23:33 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
9248
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tvvUZJY1jahecg6ljAhUW1e9uYFZYDAO_-6sypTFmtpCOfScOy5ACg==
base-icon-v1.0.50.woff2
s.isanook.com/sr/0/fonts/icon/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.50.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:51:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 23 Jan 2024 10:18:20 GMT
server
Lego Server
age
233098
etag
W/"65af926c-b12c"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5033200226459404260
accept-ranges
bytes
content-length
45389
expires
Thu, 22 Feb 2024 13:51:25 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 07:17:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18094
accept-ranges
bytes
content-length
252083
expires
Wed, 31 Jan 2024 09:59:14 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 2059 		236 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
24
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
186
content-type
text/html
date
Wed, 31 Jan 2024 04:57:16 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid
11210050023925935268
x-page-speed
1.11.33.4-0
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getTrendingTags&variables=%7B%22position%22%3A%22NEWS_CHUANG_ASIA_VIDEO%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22fafa2ebba388db4754b1cdb5c5ca17123842d3c2cc2f8ea2e6f1d75377e2179d%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:41 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22news%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22news%22%2C%22ids%22%3A%5B%226614%22%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22news%22%2C%22slugs%22%3A%5B%22chuangasia%22%5D%7D%5D%2C%22first%22%3A3%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:41 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
l-wetv.png
s.isanook.com/sr/0/images/chuang/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/chuang/l-wetv.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e6e7fba5e94ed4bc947fb9bcd59213a5a979507c8ed51ec38b89b0ddc90a5af2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:13:41 GMT
x-cache-lookup
Cache Hit
x-original-content-length
7403
server
Lego Server
age
0
etag
W/"PSA-aj-1i8C-PHo6c"
content-type
image/png
cache-control
max-age=169
x-nws-log-uuid
9094796114820388825
accept-ranges
bytes
content-length
6246
expires
Fri, 12 Jan 2024 03:16:31 GMT
qr_chuangasia2024.png
s.isanook.com/sr/0/images/chuang/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/chuang/qr_chuangasia2024.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
85f22f476468816239f306942be872c6b388ee104419ee6ffe3102a31d4ebc95

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:13:41 GMT
x-cache-lookup
Cache Hit
x-original-content-length
15352
server
Lego Server
age
0
etag
W/"PSA-aj-CUtE_-kAv5"
content-type
image/png
x-nws-log-uuid
5480557106919166403
accept-ranges
bytes
content-length
4732
expires
Fri, 12 Jan 2024 03:16:30 GMT
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:34:49 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 24 Jan 2024 10:08:49 GMT
server
Lego Server
age
0
etag
"65b0e1b1-428b"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
2357034542936718756
accept-ranges
bytes
content-length
17035
sanook_trend
sloth-api.sanook.com/api/ 		793 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=474076
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.177 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
177.128.151.203.sta.inet.co.th
Software
nginx / Express
Resource Hash
5540e67dc4ecb146241ad1fbf5219c104d8defd56d79b859f567d11e5fc19650

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time
0.534ms
Date
Wed, 31 Jan 2024 04:57:41 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"319-pRe4u8PdcmmVS8OAGNNgUbvZMR8"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
793
Expires
Fri, 01 Mar 2024 04:57:41 GMT
/
graph.sanook.com/ 		625 B
1020 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getTrendingTags&variables=%7B%22position%22%3A%22NEWS_CHUANG_ASIA_VIDEO%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22fafa2ebba388db4754b1cdb5c5ca17123842d3c2cc2f8ea2e6f1d75377e2179d%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
ca963bbedddee6c845e30c5b8221624caf8559c395a104fb6843161ee27d7840
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:41 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
Server
nginx
ETag
W/"271-CSijrPl6TuqWtR3rBfEXGya7wUY"
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
/
graph.sanook.com/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22news%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22news%22%2C%22ids%22%3A%5B%226614%22%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22news%22%2C%22slugs%22%3A%5B%22chuangasia%22%5D%7D%5D%2C%22first%22%3A3%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
95eeb57333d63ece6c9cb91d828cdbeec2fcf18962e6c81f41ada46670d2a228
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"1422-2l5lnhXO1zDsgb5bae/lObFUUJk"
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
syncframe
gum.criteo.com/ Frame 49CE 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:40 GMT
server
Kestrel
server-processing-duration-in-ticks
314802
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
bg-desktop.png
s.isanook.com/sr/0/images/chuang/ 		712 KB
713 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/chuang/bg-desktop.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
30298a7355d1e6c5d1e66cb94dded7de551cbc5fd73537424caadb597379bd03

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:11:31 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"65a0ab61-b1f84"
content-type
image/png
x-nws-log-uuid
15641399484996845889
accept-ranges
bytes
content-length
728964
expires
Fri, 12 Jan 2024 03:16:31 GMT
l-chuang.png
s.isanook.com/sr/0/images/chuang/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/chuang/l-chuang.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f8b78bc2955a4afc4137abe355f4c3c8818c671fcc0737cba34d2abd9162fc9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:13:41 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-aj-lu8Nxtxss2"
content-type
image/png
x-nws-log-uuid
8677459572865964914
accept-ranges
bytes
content-length
9239
expires
Fri, 12 Jan 2024 03:16:30 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 01 Mar 2024 04:57:40 GMT
activity
t.ocmhood.com/v2/ 		0
433 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO0JjkekeCODW1EXEeh8LMblOwi35hmEwIErnPBQEd1dEqv6TCcmypf33wADzSQa3XMv%2BQoKsNpd0dB443v7EkMzuTcGO7EhoBBUHrNBxCFJ4Izr4jjJhOCNJAmiXtVTdn5fFy%2F4WDkhhQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
84df600e5a4339da-FRA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FTwRyGOxeZlN9kWvHPdd2SdlPcb8FGrpWqS19aLp8FMrAsHVCmPLyAhV80%2BCCCi%2B6KKvcOSH14t1cLk5%2Fr4bZlKOqkrGgVYGhLPN3d0JNp97dY%2BzmDALKeoyDf9J%2FuwukBiFiWQebbJBwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
84df600e5a4439da-FRA
alt-svc
h3=":443"; ma=86400
/
beacon.taboola.com/ 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6963-MXP
date
Wed, 31 Jan 2024 04:57:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706677061.838539,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
/
www.google.ch/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...
  • https://www.google.ch/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJZ05uaXJRWVEtN0RJMnMtUGpza0JFaU1BSXRfb0VkQkN4a1dta0tlYTFFSFNLNTlyYU5BaHIxUkV2THdRMmZkajg2dlFsdxpWQ2hFSWdObmlyUVlROXF2QXJZYXItNHktQVJJckFDdUF2ZF9QeERsdkhsMVA1V3B3c2FheGVfVU9iUHQ3dHhJQnQ4ai0tcXpPaXBfWGFUdmNseVVsVUEiEwjQ1se_64aEAxUCRZEFHUBpA5Q&is_vtc=1&ocp_id=RNO5ZdCkJoKKxdwPwNKNoAk&cid=CAQSKQAvHhf_XUzTIfgMlc_SEKkNveqZhaQ0e3nJFZO_7I-DG7OcVYXrp2vx&eitems=ChAIgNnirQYQkeO2uY6iu-wzEh0AQOV8G9P-oz0kYqj3-6wqwb0fV2_O1blzuGaqwg&random=2197211860&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ch/pagead/1p-conversion/1007499765/?random=1573985810&cv=11&fst=1706677060185&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&pscdl=noapi&auid=4206996.1706677060&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJZ05uaXJRWVEtN0RJMnMtUGpza0JFaU1BSXRfb0VkQkN4a1dta0tlYTFFSFNLNTlyYU5BaHIxUkV2THdRMmZkajg2dlFsdxpWQ2hFSWdObmlyUVlROXF2QXJZYXItNHktQVJJckFDdUF2ZF9QeERsdkhsMVA1V3B3c2FheGVfVU9iUHQ3dHhJQnQ4ai0tcXpPaXBfWGFUdmNseVVsVUEiEwjQ1se_64aEAxUCRZEFHUBpA5Q&is_vtc=1&ocp_id=RNO5ZdCkJoKKxdwPwNKNoAk&cid=CAQSKQAvHhf_XUzTIfgMlc_SEKkNveqZhaQ0e3nJFZO_7I-DG7OcVYXrp2vx&eitems=ChAIgNnirQYQkeO2uY6iu-wzEh0AQOV8G9P-oz0kYqj3-6wqwb0fV2_O1blzuGaqwg&random=2197211860&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
yQ7-FzmspO8_EMZnhTvLxRXb_FGWjsfv18YsHdNwcpa4yTH-aXwMWA==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 31 Jan 2024 04:57:40 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706677060833&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
content-length
0
x-amz-cf-id
OxxLCBbbPYbW9WXTCEFJP2QtpChRopmSAgHamDjfShIFMKvefvU9kw==
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1706677060189&cv=11&fst=1706673600000&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_giNvzdBYXOl2JUSZmQ49cX83vSBsnA&random=2660738568&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/408516141/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/408516141/?random=1706677060189&cv=11&fst=1706673600000&bg=ffffff&guid=ON&async=1&gtm=45He41t0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_giNvzdBYXOl2JUSZmQ49cX83vSBsnA&random=2660738568&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2049122
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6412
Expires
Fri, 23 Feb 2024 22:09:42 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.1
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=942117
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2870
Expires
Sun, 11 Feb 2024 02:39:37 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=142997764&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=923745414&gjid=686584622&cid=1952691386.1706677060&tid=UA-8147095-6&_gid=1927022377.1706677061&_r=1&_slc=1&gtm=45He41t0n81PNXLXRSv77572129&cd4=0&cd12=1706677060190.3id95pcg&cd22=firstpage&cd23=indexpage&cd43=0&gcd=11l1l1l1l1&dma=0&z=1173080690
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=148085029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1194892289.1706677061&tid=SA-8147095-6&cd4=0&cd8=b&z=1849692761
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 		505 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7caf1116c3bc0eaa5621eee17963a717177553c68cce31ba7422a81d2d3fea6d

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 17:26:38 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=9555
access-control-allow-credentials
true
accept-ranges
bytes
content-length
224
expires
Wed, 31 Jan 2024 07:36:55 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd62fdb47c5864853af3824151c917e6bdab6a93a801df8fb717a02748886596

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
653052a4cb75b31383efc7ca5448cafcb6d67dc9082356f311b597055a80add2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30143
x-xss-protection
0
server
cafe
etag
124 / 19753 / 31080755 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:40 GMT
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
870316922190e591389d2030dae15b82d4c571068a3fd167a20b757648f7d770

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2024 04:57:41 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=1952691386.1706677060&jid=923745414&gjid=686584622&_gid=1927022377.1706677061&_u=YADAAEAAAAAAACAEK~&z=1427092373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 31 Jan 2024 04:57:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
209144720915b26b1ba9d40bcd57bbbc3e85dfeb8033c23f483047e91c910efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85459
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 04:57:40 GMT
sid
mug.criteo.com/ Frame 49CE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Fr6H0HxTVWRDZjkvSkVjL0hIRkRJamFUbjBNZ1ZhNFZ4WjZROG1NK3QyTERGQ1MraWRHUno2UTJ1T2VldUhXMEZuNHRDb05PZ1NRdGphdWlzSGxkKythalc4Mk5yaThRMXZYZElHc1JwT3Y4clh1UzczUmhPd3M4NXdkTU...
441 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Fr6H0HxTVWRDZjkvSkVjL0hIRkRJamFUbjBNZ1ZhNFZ4WjZROG1NK3QyTERGQ1MraWRHUno2UTJ1T2VldUhXMEZuNHRDb05PZ1NRdGphdWlzSGxkKythalc4Mk5yaThRMXZYZElHc1JwT3Y4clh1UzczUmhPd3M4NXdkTUhMUy9SdDhqcDdxTUVJWUZNM3pjN0w2ZXVBbGJNL1ppVG5EOURpSVh1K2tPaTYzTFF6cUdsT0FKTjNNYnE1Yzh4cFMwT3cxbGVIc2NRWUZzWHhiMjYzRGpzYzViU21FT0lXUDBkdFlnRjFnb0doUWhjZllFcS9QN3E2RXRlaEFsaUkzUjVVUjJxZ1Z0SGw5UmRHUnVMMXcvRklUWit5MzhvbUVMb0tXbzVwanVDSlc5U2poWT18&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a21ff431c57e3529b913f6fd452ceecd9303328f3154ba5282de83fdf3aba1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1172436
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Fr6H0HxTVWRDZjkvSkVjL0hIRkRJamFUbjBNZ1ZhNFZ4WjZROG1NK3QyTERGQ1MraWRHUno2UTJ1T2VldUhXMEZuNHRDb05PZ1NRdGphdWlzSGxkKythalc4Mk5yaThRMXZYZElHc1JwT3Y4clh1UzczUmhPd3M4NXdkTUhMUy9SdDhqcDdxTUVJWUZNM3pjN0w2ZXVBbGJNL1ppVG5EOURpSVh1K2tPaTYzTFF6cUdsT0FKTjNNYnE1Yzh4cFMwT3cxbGVIc2NRWUZzWHhiMjYzRGpzYzViU21FT0lXUDBkdFlnRjFnb0doUWhjZllFcS9QN3E2RXRlaEFsaUkzUjVVUjJxZ1Z0SGw5UmRHUnVMMXcvRklUWit5MzhvbUVMb0tXbzVwanVDSlc5U2poWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
296073
content-length
0
expires
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1952691386.1706677060&jid=923745414&_u=YADAAEAAAAAAACAEK~&z=1327269221
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1952691386.1706677060&jid=923745414&_u=YADAAEAAAAAAACAEK~&z=1327269221
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je41t0v9134475311&_p=1706677059783&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1952691386.1706677060&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1706677060&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1706677060190.3id95pcg&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0&tfd=3272
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=1952691386.1706677060&gtm=45je41t0v9134475311&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=1952691386.1706677060&gtm=45je41t0v9134475311&aip=1&dma=0&gcd=11l1l1l1l2&z=1246264018
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=sE6YwxRDlbPo4YFwAkzuqQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=19A39A2E.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=148085029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1927022377.1706677061&_u=AAAAAEABC~&cid=1952691386.1706677060&tid=DC-8147095-6&z=269680420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.45 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-45.static.asianet.co.th
Software
/ ARR/3.0
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Jan 2024 04:57:41 GMT
X-Powered-By
ARR/3.0
Content-Length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
58877
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 12:36:24 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=184&cb=53611994695
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=184&cb=77762700941
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=184&cb=34844310576
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
rum.js
pagead2.googlesyndication.com/pagead/js/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3080
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 05:06:21 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=608
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=463
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
157165500
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/157165500?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90566fd23b25f6f1903bcc02d2fdc964ba46dae90d117f63dd45404dddbb33f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qWYYUCxHpoaR6jjfyeCOgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-qWYYUCxHpoaR6jjfyeCOgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusKoxSXF4KkhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS1iOuvpgumsl4GYrWI6Kx8Qx9VNZ80BYr5101k1109n3XJmOuseII55Pp01BYgXs85gXQ3EUwJnsM4B4pboGayTgNgpfQZrABB_zpzB-huIfepnsEYBcdntc6x1QCzEw3F02fO1bAI37v2bwggAdyVg4w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 2059 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:39:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
age
195205
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17285447842719813271
accept-ranges
bytes
content-length
2483
expires
Sun, 25 Feb 2024 02:26:08 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 25 Jan 2025 04:57:41 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 25 Jan 2025 04:57:41 GMT
bid-request
a.teads.tv/hb/ 		16 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 31 Jan 2024 04:57:41 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=180
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 31 Jan 2024 04:57:41 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
an-x-request-uuid
b5a1459c-b18e-4697-95d8-e452f1a202de
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		22 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Wed, 31 Jan 2024 04:57:41 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
22
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.39.0&x_source.tid=de167ebe-c6dd-4fca-94dd-57db114829a2&l_pb_bid_id=18802b71f860255&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.0925509934718638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
46ccb0215c374a045b198ec68b07283154c9f0d547f23b40642771f26d5bcda7

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4280a80ca628156ee5dadc954d54bb73f465db891e63bcdaaa9ad40022f58982

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6XqC2oLPfz0q6Gnt0vX9%2BPabYEx%2FXnoDxHeIrE5l2ml%2BdRrw41MsG19Jh%2FGzMXRCEct27VxcccEEVatE0SD5GF7sYOchJoK%2FFjYCEiGu8R%2BOKE9zoGT96N29MibG%2BQuVyblYT%2Fn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84df60119c4a048b-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
arj
tencentth-d.openx.net/w/1.0/ 		173 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=de167ebe-c6dd-4fca-94dd-57db114829a2&nocache=1706677061326&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420&aumfs=100
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1e496ce04d71bc3bcd3dbc7857b1716b5c1092886b8bc918b384ad702866c07b

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=182
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CE5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80934
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 01 Feb 2024 03:26:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB05 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80934
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 01 Feb 2024 03:26:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=143
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
PugMaster
image6.pubmatic.com/AdServer/ Frame 5CE5 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85662289&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b6cda99a2e49ed21d93f7dc2187782b96a710057612e53360d75df23e3bf39e7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 04:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AGSKWxULY2nke-WW0-pFG1EA9lBH_t9QKLEom32-WRdRys5yzDeCdl4b68RCF53gawfvK0fatOa-CK2U0RuxwDawm9pYzRBFi2gyYv_x6zAanOMwDjt4PqJ3-KreD5LGVISe1dzqXzoy8g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxULY2nke-WW0-pFG1EA9lBH_t9QKLEom32-WRdRys5yzDeCdl4b68RCF53gawfvK0fatOa-CK2U0RuxwDawm9pYzRBFi2gyYv_x6zAanOMwDjt4PqJ3-KreD5LGVISe1dzqXzoy8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Njc3MDYxLDM4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJkZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a06ebb32c05bd564543fccfd732afd1cbd95cc2f118b537017b937bf6c69995
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HCOGKQyWLw5Z_nrxVUwcNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HCOGKQyWLw5Z_nrxVUwcNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsGoxSXF4KYhxaAYtpPpvNMdputAfFHlKdNNIK5leMbUCsQPwp8xvQBiA43nTBZAXJD9nKkCiBn_vGDiBOJ3X14yCXx9ySQBxFpA_E7yFdM3IN7h48HyJnw6K1_EdNbTBdNZLwMxWwWQD8RxddNZC4CYb910VsP101m3nJnOugeIY55PZ00B4sWsM1hXA_GUwBmsc4C4JXoG6zQgdkqfwRoCxJ8zZ7D-BuKy2-dY64BYiIfj6LLna9kEGr5-PcYIAHAQWjI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 04:57:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-118.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:56:19 GMT
content-encoding
gzip
via
1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
3683
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Y5mev2ih6z0ltzYwXA7xRtew3M5uwc9jwBjQ3bnbFEymOcniiLSfJA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:9400:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 30 Jan 2024 06:54:01 GMT
Via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
79421
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
vdjhxl-qkzW0_gsYaqAWl0JufDAGatBjUAXGiaaQGSKsJBbVsZvfnw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 20:59:49 GMT
content-encoding
gzip
age
2015872
x-guploader-uploadid
ABPtcPpQMMNmlDFdmPhboX89b1AyXhC6i8onZKp37136uz_RjC3Gkk2_v8ATGNMU0gJgfz0tdXyrVT8BRVMwnkI9IoqkpOY2mloK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 06 Jan 2025 20:59:49 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 10:08:32 GMT
server
cloudflare
x-amz-request-id
XTNTDV0M0ZZ2WHNF
age
870
etag
W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84df60120fe3bbe9-FRA
x-amz-id-2
3KAPO+OoXjW1Ho24KSnnDNt3v4LT7ikO1dxTg2baC+1nl5nCLPLLSibbyabg/RHYhJ9ndS0tQ+Ry1V26pC7jNg==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12220
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230031-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7WKCGfw%2F5%2F3x0sE6QAQQK6l5BilTYgXyQRMarzujTtftLWsJryTFAOjm%2FIt5cuQxEYuFmwHCRPI1pCbCa%2B3D%2BfwXPnnNFPOj1bSXgFbkKNQZnSKQItzxyMiVre8knj61f5B0HMOri9mj1tODYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84df601208f91e4f-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		860 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=919400289773084&eid=31080155%2C31080781%2C31080755%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=1&didk=1874942343&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706677061397&lmt=1706677061&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&cbidsp=CnkIARI5CghwdWJtYXRpYxBQGh8KDjViYmI5ZjI3ZmQzOGQ3EAAaA1VTRCgBOgQIABAAIAFSCHB1Ym1hdGljGAIiJDYzZTM5MDEyLTFiYmItNDRkNS1hOTY3LTVhZTA5ODAzYTYxMyoECAMgADIHdjcuMzkuMEC2B0oA&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=category%3Dall&adks=908668280&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
556320446677740f6ff2e7aab81f4d75e32998a2f5b6c2f7766fbdf398faaa41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
430
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=1282007514226753&eid=31080155%2C31080781%2C31080755%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=2&didk=2096832710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706677061402&lmt=1706677061&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&cbidsp=CnkIARI5CghwdWJtYXRpYxBWGh8KDjZmMjk3ZWVjZGZkMWJjEAAaA1VTRCgBOgQIABAAIAFSCHB1Ym1hdGljGAIiJDFmNGE5MGQ1LWU5ZGEtNDllMy04MjUyLTQxZGNmZjcwMjZmOSoECAMgADIHdjcuMzkuMEC2B0oA&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=category%3Dall&adks=345054422&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96e567bbf817356289ebcf9dd841f7f96a2961bd110996a21d9f36298977341c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13664
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452573066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=223554183304462&eid=31080155%2C31080781%2C31080755%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&didk=498303881&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706677061404&lmt=1706677061&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&cbidsp=CnoIARI6CghwdWJtYXRpYxAcGiAKDzMxMTQ4YzcxMWMyYTE1MRAAGgNVU0QoAToECAAQACABUghwdWJtYXRpYxgCIiQ2MjYzNTM3NC02MzhlLTQ4ODMtODYxOC0zYTljMTM1OWQyODIqBAgDIAAyB3Y3LjM5LjBAtgdKAA..&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=category%3Dall&adks=3448326100&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e589f795c86643dd2008f9004612958912912d04e7da5284b4dc61703c76e25d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14486
x-xss-protection
0
google-lineitem-id
6477527494
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461004458
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74A3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 30 Jan 2025 04:57:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXtsd61a0JLIhahRRPggbtP6IDmPEd7I7Da33opVdRdHktEqIecryGnEbEfcJcmrbOA9XvU0ISUiy44Zc5GEy-MAVsn87ni0zylfM4eEGgGdLo6NZGG6C92UytxDVHK1KqHG5v-0g==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXtsd61a0JLIhahRRPggbtP6IDmPEd7I7Da33opVdRdHktEqIecryGnEbEfcJcmrbOA9XvU0ISUiy44Zc5GEy-MAVsn87ni0zylfM4eEGgGdLo6NZGG6C92UytxDVHK1KqHG5v-0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Njc3MDYxLDQzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImRlIl0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZGUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
168092d803b6a4aaea751a92bf5e84dc34925555b0ed72331a8a299c3475d0d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9jEqdCUpIOS9E5WUMcdung' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-9jEqdCUpIOS9E5WUMcdung' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw3F02fO1bAIrLv66xwgAcURZHA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F2EC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06ee65b9-d346-4700-ba4c-dbf0521173fc&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06ee65b9-d346-4700-ba4c-dbf0521173fc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 31 Jan 2024 04:58:08 GMT
Expires
Wed, 31 Jan 2024 04:58:07 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1451 1934b03 master iad iad-pixel-x4 config_version:"1906"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06ee65b9-d346-4700-ba4c-dbf0521173fc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 4EDD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Wed, 31 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
785357
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame DD09
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 04:57:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2VG28SFCDMBYE0DHARV3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 04:57:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q0JY2RPVXAW71KHPJVB5
Pug
image2.pubmatic.com/AdServer/ Frame 4BC8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7527
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6626623700304249093&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6626623700304249093&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
83f1efc5-4ece-409e-a5a9-5abc2b74fb92
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6626623700304249093&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5FAA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7330122161836193936&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7330122161836193936&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7330122161836193936&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame FF89
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e44ed6c8-35cc-4641-b331-06086abd0ea2&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
184 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 04:57:41 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 34F6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EaDA0c-KUAtjOXdDlP0h55VYG1Q&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EaDA0c-KUAtjOXdDlP0h55VYG1Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 04:57:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EaDA0c-KUAtjOXdDlP0h55VYG1Q&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 7F49
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaTNrN0xjNmNBQUJRQ0FHaE1UUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADi3k7Lc6cAABQCAGhMTQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5322462639283243386&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADi3k7Lc6cAABQCAGhMTQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5322462639283243386%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5322462639283243386&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADi3k7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADi3k7Lc6cAABQCAGhMTQ&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADi3k7Lc6cAABQCAGhMTQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 04:57:42 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADi3k7Lc6cAABQCAGhMTQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 5373
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1884283304624959305
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1884283304624959305
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1884283304624959305
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80934
accept-ranges
bytes
content-length
5622
expires
Thu, 01 Feb 2024 03:26:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 5CE5
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=&ct=y
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
63.34.44.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-38.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.122
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.13.205
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 5CE5
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1654995395
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1654995395
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
via
1.1 google
last-modified
Wed, 31 Jan 2024 04:57:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:40 GMT
via
1.1 google
last-modified
Wed, 31 Jan 2024 04:57:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1654995395
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 5CE5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=43979405-4EF2-4FF7-97BB-059840D99A84
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDExQWxySzlGSTRTSEs3Rzk5bFVxWWEtQQ%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5709976349021260889&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Server
34.246.105.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-105-162.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 31 Jan 2024 04:57:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM5Nzk0MDUtNEVGMi00RkY3LTk3QkItMDU5ODQwRDk5QTg0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKt_W4JRJ-yoZFvbw2EoXbo&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKt_W4JRJ-yoZFvbw2EoXbo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKt_W4JRJ-yoZFvbw2EoXbo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5CE5 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Jan 2024 04:57:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5709976349021260889
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5709976349021260889
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5709976349021260889
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5CE5 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
43979405-4EF2-4FF7-97BB-059840D99A84
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5CE5 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/43979405-4EF2-4FF7-97BB-059840D99A84?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4d30:662b:6e06:fc7c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43979405-4EF2-4FF7-97BB-059840D99A84&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fbafbKpE2uUvz3smi3cDahI_w3gFAjU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fbafbKpE2uUvz3smi3cDahI_w3gFAjU-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fbafbKpE2uUvz3smi3cDahI_w3gFAjU-~A&gdpr=0
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
1
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
42 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT, Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5CE5
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24a5640f2bd41594&is_secure=true&networkId=17100&version=1&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIw-uaJBMOowMimYNWAAAAAAA&expiration=1706763461&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIw-uaJBMOowMimYNWAAAAAAA&expiration=1706763461&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIw-uaJBMOowMimYNWAAAAAAA&expiration=1706763461&nuid=43979405-4EF2-4FF7-97BB-059840D99A84&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
increment
id5-sync.com/api/esp/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 682F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBsUbCTP_6OmnYVDz9ycwiyXMef8C39WLE1uwG4-oy18VlnykGjHoq-KjR1TkhiSLN2SnZkn6pN0jBz3xeEgAhs7E1FIg1u2dQV_C94ZkJywbtY3XeaQUAvuQGxtDn5b7am6UW7mjltiWcrSHfHCtUEqUFee-HAzgbsctW8m6f56qBLuBRUCNfaVpSf0C5QuliyE4UAbxmYtaQW6O3lCFL6ytD8BHwKdfdPJlGuXW_j1GTApsarPAyC_pJC6XTkwzvtepH2R7S2ABHYy5j9GCFq12csUWYxIInPaJEsx696CMoE6vLqtBoUxWuexfkwk9N2almdxjYmKWcYYlLKYxUE-_doPpeaTmxETDgpRhn1rWWp_Hmb1L2EFXf&sai=AMfl-YTlQx_DLUPE8XMfvBLSUDs0QIC8qM7G3ubBzAoB7B2iYvIitifqvzlWhLaGCBVavDOOR8CPPu1yu38LWPrr6TZxVRYjJuM30OT0I7hjifqM28wfjdoEyTe9eNSjom1i9uLixDhmip6yv7JGkoNHCSM&sig=Cg0ArKJSzNvgW_PTmcrIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 682F 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f463a32201372b5e611f4902ac7122165572108c713c5618723d8a62eefba8d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30139
x-xss-protection
0
server
cafe
etag
995 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 682F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:41 GMT
container.html
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 30 Jan 2025 04:57:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		156 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.224.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-224-8.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9bc235beffc47c62a2ea003f6eb443faf8153d612c9026dc67321f083c2010a4

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.26.240
access-control-allow-credentials
true
content-length
156
expires
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 11E5 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 11E5 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:41 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=1083541411866842&eid=31080155%2C31080781%2C31080755%2C676982961%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=4&didk=4218483591&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3c78105478a70ea7%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MY0AvCiT1hErVYGJou7mUM0n_QTRg&gpic=UID%3D00000d4d600b9ce2%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MbQx-TYLJd47-z6dVm07lQyYak3VA&abxe=1&dt=1706677061596&lmt=1706677061&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGskygQVPf6ruet0oD2X0-NDU5Ve87WYNoqI85CPcb1PFm1bMAbl6b1klrxljlga6Fe-rqN_B_xtxHWigDDkaoIdVg9Csuw95TkAQ90zJS4JtF2n5KxpFS9I%2CAOrYGslqFKOf6cGTh7yYUlX32vj-Q3zjxmnD5yu1Y3KUug_GcFbkm6RrWGUaTEjrkTAx4KipMkyRfwfMf11nfhgK2HRusxh0Ncn2Ecm13NWkAvriUw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&cbidsp=Cv8BCAESEwoFdGVhZHMQhwIgAlIFdGVhZHMSGAoIYXBwbmV4dXMQYyACUghhcHBuZXh1cxIYCghhZGtlcm5lbBBnIAJSCGFka2VybmVsEhcKB3J1Ymljb24QwgEgAlIHcnViaWNvbhIMCgJpeBBVIAJSAml4EhMKBW9wZW54EL8BIAJSBW9wZW54EjoKCHB1Ym1hdGljECQaIAoPMzAwNTQxZjViNTEzN2NkEAAaA1VTRCgBOgQIABAAIAFSCHB1Ym1hdGljGAIiJGRlMTY3ZWJlLWM2ZGQtNGZjYS05NGRkLTU3ZGIxMTQ4MjlhMioECAMgADIHdjcuMzkuMEC2B0oA&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=category%3Dall&adks=4033539290&frm=20&eo_id_str=ID%3D367d483ed7ba481b%3AT%3D1706677061%3ART%3D1706677061%3AS%3DAA-AfjY_kmWpJ1CWRDtd7vr5zu7B
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3e34ec3a6ca44100a8ecfb22d0fd2491f15b748c8f7fb44e2091e249f890477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13267
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 46A9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-211.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 04:57:41 GMT
ETag
"623de86a-cf34"
Expires
Thu, 01 Feb 2024 04:57:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 3A00 		784 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
43589efbbb838f13a86301f0e06f5f3b6eac8fd4eab6176c3b7207726b0491ad

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
481
content-type
text/html
date
Wed, 31 Jan 2024 04:57:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 1DAD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 04:57:41 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9241 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1138
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84df60135d631e6c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Wed, 31 Jan 2024 08:57:41 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ Frame 682F 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
53116
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 14:12:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 11E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5dEHQ7Pqi2C0V1Z_pzhQMUgWG0atqkzQ5adVc6FQArNGWfD-bm9QfL2vK3j1aPp7Ob4jqsATuk_6wGQaB90oP1lcwTcPE_VESD0-Z-KRf7lCcNpmGUFL0sPt3mjdkEbnIygsyAlg0-Ps6xZo41DpbgxuJI-sGJ-Orkt_iLlZ_SmcTbh0rEgAU02tOuzUzI-oamp6unMTd0fKHJL94-gMQlwyw_f-Pzxza0FsvNvj6bqO3SS2BRn-IJd2VmipV7SNC9IYF4dAQ5fhC-WFyWuXtehip-qIQBbLIrswCSU6kAseVfc_h8T0RBdXkOd-2JPOtrQvcsAkS_8XXMM_9z9_0I0DrZZcNDAYAPMFjiW9G-pAB16hRN3_YxYeZ5ro&sai=AMfl-YQGbzwytjokUYAMnp0XpPSxVe9JxI3WNpfdpqiA3Wi0igACmUpnwWWVqEqrZ3tKyJfONMzJ5mp2iNBzGmV2aavpfou9o435Pwd6ymK8rft4Cuno7Q9Nf0hQ8joIjiwEd5j0bmYxu78pW26weBswWA&sig=Cg0ArKJSzIqh3vIJu04FEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
o_1hjs25hf0674117jch1nqq1mcbj.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20240111/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20240111/o_1hjs25hf0674117jch1nqq1mcbj.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bdc8a06c16917dfbaf15530df7d06f0112e965ffcc010d19a4dc6a1f5ba17dee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:36:07 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 11 Jan 2024 10:48:26 GMT
server
Lego Server
age
0
etag
"659fc77a-11040"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
13429115076531444221
accept-ranges
bytes
content-length
69696
expires
Sun, 25 Feb 2024 06:36:07 GMT
o_1hjs25hf09bo1km513kbu3himbi.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20240111/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20240111/o_1hjs25hf09bo1km513kbu3himbi.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6ab2e352cfe86cfdd8fb22f2ae29e01ddb6620875c447815b49878f4a1742303

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:36:07 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 11 Jan 2024 10:48:26 GMT
server
Lego Server
age
0
etag
"659fc77a-17e6c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
2759086419712488766
accept-ranges
bytes
content-length
97900
expires
Sun, 25 Feb 2024 06:36:07 GMT
o_1hjs25hf0kkn1p80735t2g1ngnf.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20240111/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20240111/o_1hjs25hf0kkn1p80735t2g1ngnf.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5240d437390c9153b67f20b40405508295aa481205ff2808991c10719ac45b55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:34:26 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 11 Jan 2024 10:47:58 GMT
server
Lego Server
age
0
etag
"659fc75e-14e15"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
2660320783975770698
accept-ranges
bytes
content-length
85525
expires
Sun, 11 Feb 2024 03:34:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 11E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkMyysxWbfDsFuSy4n_ECO5AzDSz4-LtEP8Cd6qw8FpRTu_3HHvLK3SBvgcduT3eTJ96Jj0GwBhoq7mmHADL7Da1JvEYy2VF7uHl_WrH5AOAaI_DxUsWTpGi9UwSJFx7yfglzYzTO-JQezx8jkEM567la-pqINAzhNSzk-HEUaYwZ2S18hfBS1Ke5FPJCGD8y6YYhdOj_uHxMRbjF7jyrR41q0O5_RZoOJZU1HsUa8HXGF5u6rLKy54ASiP29OHdaat6X2-BmySZ1x361x6tz4lJECmJI4aDE89XuIJDdiUdDHrOvBf5KiipAQelLZdtADqh8RSQNTTFQNDg9B96hDylFMTVgx1Mii0prm_0h8hhImIWgSpaSyeGX4xMU6Ww&sai=AMfl-YTMnCJmiAJGXd_30UAIooTO3OCPkIQEtHwC4gCJPxaw2VHZEEHFOvVuarCMht-Nfr41AMvnKTCjo3rD_H3FeWVt_rucVMdmgk6_qpLk0udsvo78LzHuGHWXYI1WiQo2jwJuBudYRXHg2s1FtLqY0A&sig=Cg0ArKJSzM5TL61ncRrKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 04:57:41 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 11E5 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3571
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:58:10 GMT
sanook_thumbnail_2023(93).jpg
s.isanook.com/ns/0/ud/1841/9207950/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/ud/1841/9207950/sanook_thumbnail_2023(93).jpg?ip/crop/w258h155/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2b80a8df58622ebb1f869e72d9b76d56e82eea4a34e082f720494661e111ed9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:16:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
143
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
16028427905865793942
accept-ranges
bytes
content-length
15727
expires
Thu, 29 Feb 2024 11:16:55 GMT
sanook_thumbnail_2023(90).jpg
s.isanook.com/ns/0/ud/1841/9207954/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/ud/1841/9207954/sanook_thumbnail_2023(90).jpg?ip/crop/w258h155/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
da4d7f5489f9f67f3775a3fd6d5aaa07fff58cb1b992c5d41ea19fe133eaf4a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:49:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4147785970149292662
accept-ranges
bytes
content-length
12407
expires
Thu, 29 Feb 2024 07:49:44 GMT
sanook_thumbnail_2023(43).jpg
s.isanook.com/ns/0/ud/1837/9189314/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/ud/1837/9189314/sanook_thumbnail_2023(43).jpg?ip/crop/w258h155/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
47699d74cbc64fab57d41f8263d945de97320e0e64658e2093abf061c1975802
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:54:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
292
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
8652529251837115832
accept-ranges
bytes
content-length
12291
expires
Thu, 22 Feb 2024 04:54:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=1120725759542826&eid=31080155%2C31080781%2C31080755%2C676982961%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=5&didk=3402878631&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3c78105478a70ea7%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MY0AvCiT1hErVYGJou7mUM0n_QTRg&gpic=UID%3D00000d4d600b9ce2%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MbQx-TYLJd47-z6dVm07lQyYak3VA&abxe=1&dt=1706677061662&lmt=1706677061&adxs=0&adys=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGskygQVPf6ruet0oD2X0-NDU5Ve87WYNoqI85CPcb1PFm1bMAbl6b1klrxljlga6Fe-rqN_B_xtxHWigDDkaoIdVg9Csuw95TkAQ90zJS4JtF2n5KxpFS9I%2CAOrYGslqFKOf6cGTh7yYUlX32vj-Q3zjxmnD5yu1Y3KUug_GcFbkm6RrWGUaTEjrkTAx4KipMkyRfwfMf11nfhgK2HRusxh0Ncn2Ecm13NWkAvriUw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&cbidsp=Co4BCAESEwoFdGVhZHMQ0AIgAlIFdGVhZHMSOQoIcHVibWF0aWMQHBofCg4yOTlmZDhjMzZkYTZkZRAAGgNVU0QoAToECAAQACABUghwdWJtYXRpYxgCIiRkNmNiNGQzNS02ZGI2LTQyOWUtOWI2Ny04YzBiOTU3ZjQwNzQqBAgDIAAyB3Y3LjM5LjBAtgdKAA..&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=category%3Dall&adks=3667654068&frm=20&eo_id_str=ID%3D367d483ed7ba481b%3AT%3D1706677061%3ART%3D1706677061%3AS%3DAA-AfjY_kmWpJ1CWRDtd7vr5zu7B
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9ced92ea7270ef77ae75fc7ebcd29e47c4da614b17c1c1a320835472adce0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15901
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3A00
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=GJJz60qUJecDkCjqTJI8sxuXd-ADnyWxGMHOaFNA
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=GJJz60qUJecDkCjqTJI8sxuXd-ADnyWxGMHOaFNA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=GJJz60qUJecDkCjqTJI8sxuXd-ADnyWxGMHOaFNA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3A00
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5709976349021260889
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5709976349021260889
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5709976349021260889
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3A00 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=56851593-f440-8fcc-a3cf-b8d13be32c4e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NKHBVS5SZ86TRHSFRX9H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 3A00 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=0e5369ee-e8ea-3436-63c1-3a4653d0e7ae&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3A00 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjIzY2JhMjQtMjE5ZC02YTkyLTc2MjEtNjBmZjk5MzIyOWNl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3A00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
apiu.sanook.com/graphql/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql/?operationName=GetVideoById&variables=%7B%22entryId%22%3A1553420%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221b8a934eaa0a308043b41ef84d618f63b41a19bab459d0817edd1d3510218861%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
7c1c68f9a44bdd481acb64b7a808c36d872f94aa23379df9434c0d05be1bf6cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:42 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
U-API-Cache-Status
HIT
X-Powered-By
Express
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
ETag
W/"7ab-Qedq3TT9qWgIbzadO++GL0bAWlU"
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
avd.innity.com/dc/ 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=c43d016800e0ddc48976a859708c91fd&cb=1706677061691&douid=&sess=17027179.225.1706677061691&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:41 GMT
Last-Modified
Wed, 31 Jan 2024 04:57:41 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=c43d016800e0ddc48976a859708c91fd&type=cookie&itmcb=1706677061692
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:41 GMT
Last-Modified
Wed, 31 Jan 2024 04:57:41 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1DAD 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 13:44:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31623
Connection
keep-alive
Content-Length
10901
Expires
Wed, 31 Jan 2024 13:44:44 GMT
async_usersync
ib.adnxs.com/ Frame 46A9 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:41 GMT
an-x-request-uuid
744f709f-c438-437f-9e1e-c5608bada080
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 11E5 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ls1bgguu&chm=1&c=3611580827968359&ctx=2&qqid=CITq-L_rhoQDFcECVQgdC_EFLg&met.4=fb.17~lb.45~ol.4a~idt.10t~dt.-2g&met.1=1.ls1bggok~6.0~7.0~8.0~9.0~10.0~12.2~13.10~14.12~15.14~16.46~17.46~18.46~19.47~20.47~21.4a&met.7=CBsQCBgBMCY4mgFoAnAkeIkXgAHdFIgBkjCwAQG4AQM~CBEQChgBICsoKzCBAThWUCxYZGBCaGlwgAF4rjSAAYIyiAGLvQGwAQG4AQM~CFEQChgBICwoLDBlODloLHBYeM2IBIABoYYEiAGt6QywAQG4AQM~CCIQBBgBIIUBKIUBMM8BOEpohgFwzQF4rAKwAQG4AQM~CCgQChgBIJsBKJsBMN0BOEFonAFwyAF4_cIBgAHRwAGIAc2FBLABAbgBAw&met.3=113.6b_2~112.6a_3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ Frame 682F 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3080
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 05:06:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 682F 		953 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4073761699900862&correlator=360923313105084&eid=31080116&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D3c78105478a70ea7%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MY0AvCiT1hErVYGJou7mUM0n_QTRg&gpic=UID%3D00000d4d600b9ce2%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MbQx-TYLJd47-z6dVm07lQyYak3VA&abxe=1&dt=1706677061742&lmt=1706677061&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=to8eu86uuss8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&rumc=4073761699900862&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ga_vid=1952691386.1706677060&ga_sid=1706677062&ga_hid=471863195&ga_fc=true&dlt=1706677061483&idt=244&adks=178697795&frm=23&eo_id_str=ID%3D367d483ed7ba481b%3AT%3D1706677061%3ART%3D1706677061%3AS%3DAA-AfjY_kmWpJ1CWRDtd7vr5zu7B
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a68ecd6959d69d72a7009ade4039b100f1d1a929fa16917530b65ef15a2176d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98572
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 30 Jan 2025 04:57:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FBDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3sDQKMM6BH1b5wKwg-Cpm0i_1dnfJ-C87qhcu7se9JWWaS7RM3yh_bC0DzYWzhfQr6DxJnPr3tW20tPW1RRN5TG3qfpywGSCKnoIaX8D8tMUgnCHRlHkIe7XXOlbz1NLi3DRJ7x6gEq8b6sQ130QvruoBwLpXKHG9B8MhWOM-ipHPe5I_k7ybBSDVqigvTayWbVop2HN8ojWQpDaET_WHGxlGmzRR7j_4pjzaPypi9bm1Jlj7Wp4pmOnuFWlaPpc1lL6eo9QrBuHmMLL0S-1Ktlqud3oUx-73PWnVIetcsU9khixXwHxv7WcihkNtnpt2EjS8EGmGOXxVZpTJMSYmlHIe1jxT&sai=AMfl-YSRLkOEBj7Pnaf5jzLXDmViBIZOdJz7KjdWBEcvlTmgfTcvJXLvkdVsxhZjDkXno6AoC0K-OQiVutefnYi2utxX0r56BnboPMJuOzsDsuIRSPhTr7JqwLJCfgI5jQ&sig=Cg0ArKJSzPX5meLnDNYWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
rtbdemand.apiip.net/api/ 		229 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7bb012c687f4e38f9edbfc14fd7ec2f5a0840b484c1502374106af036773f5bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e5-2Nr25eWLJrrp/LkJpHrte1fkcBU"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
84df60159b7d37f1-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		283 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:38:32 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1151
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dII4rOcw0nhGX5yFBJJ8AVGBcgOAAqCWF39Twm3IDbvX6b2Ts5l6Xw==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
08e17785e0ad9e0247e2c5035d48d6d58bff8fcd77cee72380f9e01e2889a1a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
457
etag
W/"ea97bcfeebc6da8cba2cc8cbb01e5a8a"
last-modified
Thu, 11 Jan 2024 17:36:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3550
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FBDB 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:42 GMT
khaos.json
token.rubiconproject.com/ Frame 1DAD 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
container.html
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 30 Jan 2025 04:57:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012401091919000/ Frame 6D2D 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 18:47:39 GMT
age
36604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56104
x-xss-protection
0
server
sffe
etag
"cf7caf439f3410f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 18:47:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 6D2D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 04:46:22 GMT
age
87081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5212
x-xss-protection
0
server
sffe
etag
"d5f0e0ea1e5219b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 04:46:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 6D2D 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 18:58:08 GMT
age
35975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29119
x-xss-protection
0
server
sffe
etag
"7ed328db9ca95286"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 18:58:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 6D2D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 18:57:18 GMT
age
36025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"b1b3f9c71858a21a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 18:57:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 6D2D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 18:54:28 GMT
age
36195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12971
x-xss-protection
0
server
sffe
etag
"0e9793e292f94cd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 18:54:28 GMT
css
fonts.googleapis.com/ Frame 6D2D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 04:57:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 04:57:43 GMT
css
fonts.googleapis.com/ Frame 6D2D 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 04:00:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 04:57:43 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6D2D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:11:05 GMT
x-content-type-options
nosniff
server
cafe
age
60398
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3306
x-xss-protection
0
expires
Wed, 31 Jan 2024 12:11:05 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6D2D 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
35780
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 31 Jan 2024 19:01:23 GMT
11056217529107884519
s0.2mdn.net/simgad/ Frame 6D2D 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11056217529107884519
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f333d0f522ba8ca868c8aefc91b50fd3b48de2243629ba9f3326851ccf94b270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 19:07:22 GMT
date
Tue, 30 Jan 2024 19:07:22 GMT
x-content-type-options
nosniff
age
35421
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365739
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 14:31:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
12901215136351804481
s0.2mdn.net/simgad/ Frame 6D2D 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12901215136351804481
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59fea1913aa560263c77df5e4f9232b16b26a5528d74dbc15096567513921509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:55:04 GMT
date
Tue, 30 Jan 2024 18:55:04 GMT
x-content-type-options
nosniff
age
36159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4504
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 11:18:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 6D2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPxFqxLwcNNMdMTRV5bO5TW3-Qpuw-AH8d_OunAYmfC5pT7ESYaWVfC1W9ylma3q1fOFP4XZJ_jW89MApxnXgpmp_g4w
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
905ababb31917acf0113.css
s.isanook.com/sr/0/_next/static/css/ 		47 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/905ababb31917acf0113.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-1cbb336ff82ed96296a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 03:43:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"6566af67-bc92"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
7313795677308533124
accept-ranges
bytes
content-length
12602
expires
Fri, 29 Dec 2023 03:43:46 GMT
9454.61de48987f4d139f1548.js
s.isanook.com/sr/0/_next/static/chunks/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9454.61de48987f4d139f1548.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-1cbb336ff82ed96296a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
23c9e469b02fc58673c60810e43fae54ccfa7adb40d7e3e9ca0f5e46f49d7422

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:43:08 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 23 Jan 2024 03:41:25 GMT
server
Lego Server
age
173
etag
W/"65af3565-77ed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15412720950826968118
accept-ranges
bytes
content-length
8893
expires
Thu, 22 Feb 2024 03:43:08 GMT
1313.727cf0dc81b7b3ffa45c.js
s.isanook.com/sr/0/_next/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1313.727cf0dc81b7b3ffa45c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-1cbb336ff82ed96296a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a6567a73843ae1d2c0838c75d75bece7ce7dda4b13139d8d2446a7e0d0703a76

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:10:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
3118
server
Lego Server
age
60
etag
W/"65add99a-c2e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14263534638254805165
accept-ranges
bytes
content-length
1150
expires
Wed, 21 Feb 2024 03:07:22 GMT
truncated
/ Frame 6D2D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47993a0cde3864e7e53cb9a1990bf65e7e23c2e32d1c31253e8dbe86f71c871

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
8babda5f5618afa1eb4f87730609530205f243eae55dbca64e34fc42b4d36227

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:20:19 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2244
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
eSR0_8eeeBS5Yx9WoBH4RKUjmoxoY6fW7k6UvN6roTkWon2ZSzq7EA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:28:00 GMT
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
16182
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
b0s2crD_iJsweTtA_WCKJfCkhMxjbjg5GIViciARGwGuVmXPd94UoQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 02:24:52 GMT
x-amz-cf-pop
FRA56-P6
age
9172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
_IJWMrfINc6OziJMpbVGzvkmMnGVFNGMGFDXb0NabDe4tnXzOSobDw==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6E35 		499 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfbKRC66ykYlNvagAIwAQ&v=APEucNXe_uufkkBrbq-xsui5gSF0enKXmfY3wWGi7f08tadKm6bIGxMf-TpxvZ4ohxVRRYeltfB7Ge8ZQoAgVREztY2L7y33z1nwTouq30GR7xORg8vMVro
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1AA6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AA6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEpboioEkOlLEy-HeZmmloTVv0tfTEYStufn0Cki0YIrwMTdu5Ww3E06vSC9yVMyRtoz_OEUM4zGcxKf1hhaFqqgbqy9xqikwLYJESrSLB0PzkXjc
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1AA6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
35089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:12:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1AA6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
18946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame 1AA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzaySVQQRR4uJuml2XK529Pyxt24S6kCymwg0iXnsUrBlnDt4wAAFhw_-7iBEKWjoVoBBzflCMZi5W7TGziEE9qqkXbA
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1AA6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:43 GMT
videojs.min.js
s.isanook.com/sr/0/js/videojs-v8/ 		545 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:34:55 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 25 Dec 2023 07:18:06 GMT
server
Lego Server
age
207854
etag
W/"65892cae-88408"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13328213609869593851
accept-ranges
bytes
content-length
167762
expires
Sun, 28 Jan 2024 19:34:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
177ac7e09a74a55db9ea5543046664aabb5e04237dfc14a4338f09904ae38e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132612
x-xss-protection
0
expires
Wed, 31 Jan 2024 04:57:43 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 31 Jan 2024 05:12:43 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-118.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:12:54 GMT
content-encoding
gzip
via
1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
9890
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
v3IFvnFJ3rgDtftVUyjs-UiQ3xk04lMVJ6d3lFiLFfOmgu9lTBx8tA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
1790
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
84df601c6abe18da-FRA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 10:08:32 GMT
server
cloudflare
x-amz-request-id
9STWTG5Y13902A0H
age
8
etag
W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84df601c2e27bbe9-FRA
x-amz-id-2
EAuS+XjpI4/+yiZzASYiD3h+O46067kCsGEuHLc/UB9FNz7cceFLnjitSCzqt20+s00rSVX/oEAAMYfYGu/YCg==
view
securepubads.g.doubleclick.net/pcs/ Frame FBDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplQ2ED5YHSU5tGhx-VaWGFl7n_xVYVTo7u-pv92sYME7xN61_fxu5neuTw3kBXGXHYYksyF2Vme3zupFXFxZSgTa3ePqXN2hVNATjGFugoopd3o9E2qzD2WfZcYPGxtLJfBbb9N-QWWYb1ky03bNhl-bpLvYU-et5Aoe5iBzA71g6mt6H6NgHAtJhb-xl8ilN2_fXIhpzmrG6Lm_PkHnj7_0TqITxdjk8TkzhmToDWZSzPxs8LZbkTU_dRGfYyIcZ-4-Vnf2drNOF4dlRl3AQGbz06Iaya54cbDn-TsoCFbFIYzKT-GY2dYzgunj_eGOAR0hvV9yBRQZixMM6bbtTJM_E4I_WDQU&sai=AMfl-YT62CYP7DU2pKjtSxc2F8d-qitlDoRXXPg9_ceNaF_cvJFlAOh4X0eMjEwN0i_tDTX6vLJYHOJsP27fDLm4jI1B5Bc1OqazhsYQHERPkF_xRMBMJHtoAtdlMhF6eQ&sig=Cg0ArKJSzBjA1uZlthhJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 04:57:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 682F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv77LuW3AIo4yrM7JA8681TfitbQJwTGiwRq-aLnXybawMfGcYllUMrg8L8E4A-WBrdUFDN2IEYFFbPdybLWslrFg3hN8dgB2KyVZr_sEfnBj7GrO5fyFwzvCcqVxqLKesH3aKjH259IIW8d5iukAugRfBYMEVD0tTvlsKeC8HSwj0VL-kmpNBfmX021wvwUVQjLGSbZJF4ye7z-0Sc9gblb5ebsL3aOxYbpW9IdoSZ4lj-TxHnKtpCp1-9rwDp5laHfqvKfzcWK75EVQKGZBUGImbUthjGvUT-R2y-KjiuFpnXBZbjCEJTLv9MFlEvUZX0VrAJ_Bdmmsk476QiOdIU_zCTBOquHXZ7WGrcRGE8ztCGvJMlzugnGxYaBWE&sai=AMfl-YSxIu6s1SwIf0NwmWx5J-fReTcaquXnHzAZgSEYoT8KnydIr7I43KvXuk8Rmx477wbHxyhSjiTmuLnvvpmQhHl-DtDNMRUAFJYMINutQn3s8fU4TIJHcZLcfuf0aZ8N9KI5Q-N6MoQtvpi0Ac_WXVM&sig=Cg0ArKJSzPde6rY7aH_yEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 04:57:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 682F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9c94518cc2164abb6d888be62f2d36fe7b84346354f245ae1342b288a25af11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12262
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 682F 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3573
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:58:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 682F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.sanook.com&doc=complete&pg_h=0&pg_w=0&pg_hs=0&c=0&aa_c=0&dt=d
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6E35 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfbKRC66ykYlNvagAIwAQ&v=APEucNXe_uufkkBrbq-xsui5gSF0enKXmfY3wWGi7f08tadKm6bIGxMf-TpxvZ4ohxVRRYeltfB7Ge8ZQoAgVREztY2L7y33z1nwTouq30GR7xORg8vMVro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAAPUVtqp7TMwuirtzyD7Qg&google_cver=1&gdpr=0
0
0
rrum
dsum-sec.casalemedia.com/ Frame 6E35
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6D2D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:29 GMT
x-content-type-options
nosniff
age
36434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6D2D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
71249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 09:10:14 GMT
csi
csi.gstatic.com/ Frame 682F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ls1bghy0&ctx=0&met.3=113.19q~112.19p&qqid.1=CJ_NjcDrhoQDFd46VQgdQiYPQQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		95 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd5dabc4e8e00076f6bc7c2fa9902b27d32af31dc3094087f178e74df218c95

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
84df601dabd271d9-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
84df601cdb7471d9-FRA
content-length
0
content-type
application/json
date
Wed, 31 Jan 2024 04:57:43 GMT
debug
OPTIONS block
expires
Thu, 30 Jan 2025 04:57:43 GMT
server
cloudflare
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6D2D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AA6 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AA6 		0
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1AA6 		0
0
prebid-custom-richaudience.js
rtbpass.andbeyond.media/ 		602 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
YQT22F2Z435FRYDT
age
28
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
190838
x-amz-id-2
elT7Kvd5Ot5og4CgnQInSKpGYS7QK9e4DP3ustkLTvlPaG8vn/dbUqqwLwnWJBonVUuC1DL/7R4=
x-served-by
cache-mxp6968-MXP
last-modified
Thu, 14 Sep 2023 12:35:17 GMT
server
AmazonS3
x-timer
S1706677063.265320,VS0,VE1
etag
"5557f783869e27322374ad505b755076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
bid
aax.amazon-adsystem.com/e/dtb/ 		166 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sanook.com%2F&pid=WnTJQiGj14B4E&cb=0&ws=1600x1200&v=24.117.1925&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond3001%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C4899711%2F55034-300-250-1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!andbeyond.media%2C132006%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22ced88968-8c23-4dae-93b8-1f87345c7a87%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-47-29.fra56.r.cloudfront.net
Software
Server /
Resource Hash
230e75f246a0963a4a50f5d569d35a5d61fc911f0813c1789617dee5f8e3b381

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
via
1.1 6c21a88f98dc05bf345d31b96407e6d0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
166
x-amz-cf-id
TE4lDTS_DK-8BqYak-AN26Kwy-otC50h-OwHPafM701SkT-FcxzQdw==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 682F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 04:57:43 GMT
tap.php
pixel.rubiconproject.com/ Frame 1DAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5t7lPs4HsM1qlMjHm1PS3Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v6O.ns9E2oJANCXnWUMCePm3PfLy9OyVpHIQzQ--~A
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v6O.ns9E2oJANCXnWUMCePm3PfLy9OyVpHIQzQ--~A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v6O.ns9E2oJANCXnWUMCePm3PfLy9OyVpHIQzQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1DAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxQkdHTVUtNi1KREI0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHjaWHNt6YNupyCrzhLPqY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxQkdHTVUtNi1KREI0&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxQkdHTVUtNi1KREI0&google_push=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxQkdHTVUtNi1KREI0&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame 1DAD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 1DAD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8h7x7ApITyqehqQP5n38lA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8h7x7ApITyqehqQP5n38lA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8h7x7ApITyqehqQP5n38lA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FT122ZF0KDSSCP5CYKPK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8h7x7ApITyqehqQP5n38lA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 1DAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1BGGMU-6-JDB4
0
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1BGGMU-6-JDB4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 555AE06587884AB99AFEDD599744E7BB Ref B: FRAEDGE2007 Ref C: 2024-01-31T04:57:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQNrgcQOVL8JlkS+wM9A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1BGGMU-6-JDB4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1DAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU1Y2MwZDIyZmJlMzU4ODViN2U3NWJkNDg1YTZkNTJhNzk5MmUxNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU1Y2MwZDIyZmJlMzU4ODViN2U3NWJkNDg1YTZkNTJhNzk5MmUxNw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU1Y2MwZDIyZmJlMzU4ODViN2U3NWJkNDg1YTZkNTJhNzk5MmUxNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1DAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAXkLaOQ3ckyn111ReepyM4&google_cver=1
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAXkLaOQ3ckyn111ReepyM4&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAXkLaOQ3ckyn111ReepyM4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1DAD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G6F2F0BXB08EEQCR98PP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1DAD
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dRKhfsfHTZS_vpgiRDVq2Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dRKhfsfHTZS_vpgiRDVq2Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dRKhfsfHTZS_vpgiRDVq2Q
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GXK55SJCMH4BP4CYG4M8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dRKhfsfHTZS_vpgiRDVq2Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1DAD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADi3k7Lc6cAABQCAGhMTQ&expires=30
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADi3k7Lc6cAABQCAGhMTQ&expires=30
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADi3k7Lc6cAABQCAGhMTQ&expires=30
Date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 1DAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS1BGGMU-6-JDB4&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS1BGGMU-6-JDB4&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UeTY3aEZwRTJ1RUlUVWxvaDNoQWpZVDBKTFhXVmFLS35B&ovsid=LS1BGGMU-6-JDB4&dpid=58160
56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UeTY3aEZwRTJ1RUlUVWxvaDNoQWpZVDBKTFhXVmFLS35B&ovsid=LS1BGGMU-6-JDB4&dpid=58160
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2.22.242.107 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-242-107.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 31 Jan 2024 04:57:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Wed, 31 Jan 2024 04:57:44 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UeTY3aEZwRTJ1RUlUVWxvaDNoQWpZVDBKTFhXVmFLS35B&ovsid=LS1BGGMU-6-JDB4&dpid=58160
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 1DAD
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6ae51bd1-a233-4fd8-98f5-ddbbd65f9a5f&expires=30
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6ae51bd1-a233-4fd8-98f5-ddbbd65f9a5f&expires=30
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6ae51bd1-a233-4fd8-98f5-ddbbd65f9a5f&expires=30
Date
Wed, 31 Jan 2024 04:57:43 GMT
Connection
keep-alive
X-CI-RTID
7ac7848f-672b-4876-bfca-4622cdae6963
Content-Length
144
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 1DAD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS1BGGMU-6-JDB4
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS1BGGMU-6-JDB4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
18.157.105.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-105-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS1BGGMU-6-JDB4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
pixel
capi.connatix.com/us/ Frame 1DAD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84df601ec9719137-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 Jan 2024 04:57:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LS1BGGMU-6-JDB4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84df601e693f9137-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
magnite
prebid.a-mo.net/setuid/ Frame 1DAD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS1BGGMU-6-JDB4
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS1BGGMU-6-JDB4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS1BGGMU-6-JDB4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
liveCS.php
live.primis.tech/live/ Frame 1DAD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS1BGGMU-6-JDB4
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS1BGGMU-6-JDB4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2600:9000:237d:0:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
via
1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uV-qjj7GKSd7ExBkLOrRMTUGELmT1MnztLMguKCgbo5m9yZF_2tEdw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS1BGGMU-6-JDB4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
adsinteractive-_adv_label.
fundingchoicesmessages.google.com/f/AGSKWxW3CwXOudg_Tc-vwKeXRaSJ6qeb3HUkLiDifFrUaYSfDeMzbvGpNGnxbnWNVOwhKVRYuc5rXWpe-wZanxiZnAeQyZXFTP-7Sg2Fptj_mKywZNn2eQ4z0Z_QmlPOvztQeycxQMT5FHUglASTFQ22DzM7q6KuK... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW3CwXOudg_Tc-vwKeXRaSJ6qeb3HUkLiDifFrUaYSfDeMzbvGpNGnxbnWNVOwhKVRYuc5rXWpe-wZanxiZnAeQyZXFTP-7Sg2Fptj_mKywZNn2eQ4z0Z_QmlPOvztQeycxQMT5FHUglASTFQ22DzM7q6KuKe5B6jh_fsvoUru9ROkWZ5piWGSI1Gvo/_&Ads_DFP=/adplan4./eplanningv4./adsinteractive-_adv_label.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx30KSgFiR5BFnNJbpBGjmlO4oozg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0da77faecd6d179ee90d81ff49357f2bde86b6a5d4c5314e4958f33e32a14669
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qpz6yriKdrBxwqwiqbyXCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qpz6yriKdrBxwqwiqbyXCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KkhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZBL6-ZJIAYi0gfif5iukbEO_w8WB5Ez6dlS9iOuvpgumsl4GYrQLIB-K4uumsBUDMt246q-H66axbzkxn3QPEMc-ns6YA8WLWGayrgXhK4AzWOUDcEj2DdRoQO6XPYA0B4s-ZM1h_A3HZ7XOsdUAsxM1xfNnztWwCD65vzQEAOlRdtQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx30KSgFiR5BFnNJbpBGjmlO4oozg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1b3c84a38074c64ee80ca535929f5593d556a0174108bf3ff6f36ab44da0c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51620
x-xss-protection
0
server
cafe
etag
1358216616834146193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 31 Jan 2024 04:57:43 GMT
AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JpCt3pDizkwDqo-VO9ADow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JpCt3pDizkwDqo-VO9ADow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4_iy52vZBBrW7u5jBADviCBW"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6D2D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5IQTXTEndu9diO5tPYXNEWW4ygbhpeDDpidY5oOr7UGvLHRR_ZmHTL2VArspvUkO2_Qnf2J4GILV_cppwYveNGa9BKmti9hqjaFfnn9OVvCLG43wmAyfU1gR5VrSh3fm385F5y17rk5kEgkad-rFXv2zVN0syUQxe-SHNbCFkkDr0pCc&cry=1&dbm_d=AKAmf-A3x1UYt8HgVlhscA0cTjAvfkS-C4Oi12ysYM3meu_xTfFlvWeDcNhnl5Ko5V2LXbIXTT6qqj3ejyor03lcqxv8xepRhLSmzNFbgVTbm_hE_80mDrn9j_TAJVymzn5G5AAB99greXWXafZ2qiuxlY06_gdbRwKuongmHm8xZrlTRhBoyAXLq8VIQcVAQ0kdFPd63McvEg6sqpSG9N7VKkTCzHnp6fr2pSyl9cbGqw7q0aTsyGpd_IBk91K-tDU7nY0StKHFxW8d3nOPcyyY4HuABJtCOQYJwX9RXCfO3K0o7d35YwJX9UtTZA7lqFunCdKt7Ru1d3s_fjLQmhngBhWOiUZ-euDNJiR9X38ZmORlhV3_pmkjON7SKXnw1ZNZHFjDMD8cXGPiQamAkyb6MmyC0pQVOLeHNyol3Yp1q3tp_elKhAFs1OxFQQn1x8xQFTlzsvjf6izLAz5PLR17YFfVk3HWkZ2UFznJg2IEUs206hU1C8EnTl4Auva55CNwu_sun7j4TB2r5AF0ZUQ6N4Ni6BJgkTEf-rXUSJKhvOdEDlmoB_3qU5CGUihMfnD7I5yK9QxIi_QAH2nZLV6BoRKhgRWfCLHe8ncswP4-70hJ63Awdnb1vhTUdjeVBol5hrEtDJ1X0ejdyUWpg4pIiEVhxbDpsfMBPzOzZJJD3BtYCJTnWnKvDc0qm4qL1AlDqKugDmT7w9J0uPubd32Ek9wLPWkDbaK_hd15U9AnaGZBw2EB_jRzMLIl1_Xhf1EAZAAsHi0u8Smx_IGGoceg67JUibeKuM5Nuoqa0e80GLI-9mWAfiqL8z4KSC_Bduq_DnCrc2H67KxExQlDc0wsEf74sfxemcS2V4KAgMQQUxk0FAQmQK36qX2q-0GOOf5vDNVa1JzWWQCgSXDYtDG1k9rimS6DUulRSHHk3L6H70YnSgO_oTYRtH6F0cTE6oFVngQf9LDDj7HFh5HGgOJpdoQ71mQ6C-WiDhEsZinjGzNj2BigGp6OvpxRIK829pAfq_VLM4aTO5QNGQ7RfvZyQzyqL2CwDW38KqG21lUm-jFf0136n9HfFMFSfuihPc32_ULxT34vOetbUp3fwTVoUBATDY4VCcZVwJJRzbI08FYo-_fqsIWeqstVYYRLVt4tATKpPkNjxLHcepgRPVa-rLbe1V7EkxHqzBLAYlNR58xefqPD8jamGmH5i8yWxDehV7uA2YScs1rKhNAm2feYlBOMFNS3f67sbBuCP4FbGtT0xnXPVBnoqBsHSr7juGyFvlmykcfw-YpoF66rX83pvV5BLJ6zWwtlrqVE8xrCyLVudAGawAXXlj75j-sl6JWOBfIze8iltJjvARKBEKbPVEkkfHS0YULKAK3bGiqoJ6S2YPP1NMuk92tgLVldiA_zk3JHYjQ318DfGg1JvjKyeAEVmZTJzyCl0m3BGLbddWer8EK0-BFEoTLwqaP5ohIJO_hsiTbbppEQ962PAtT5PCemlQjDWJWA4qpqVS4eNto3zfCdcmcfz-crd4ZbXDVzTT4m0zEUEVwLGvJKwiUjk7uFQpP4jjsRv3k-fE10kSXytLz4j-yBPsWpM2y7D8QZ1zHFWkWddxwrPomDUxloNva2ypjElsublXXReqelMXKyVJujN0qJOuQnXkEs2ebwU2R7388kFU45l50-fjCtHdoyRC4okfOrAC_V02k6j1YZIkeiyvI1XY6akkbEVcm6LLAGifxolDZ-fAPDLDNTgo-9foQCxzBn_VXJCbd1KwQbAdHCKRrzUUs-1O4A65FBTCyrvVqOs4DH4PAdlZLvqxqacJqWuQt0lyh4P_UwisNT9ZGIIPnSrQrd9UYaXysrM1mXdppLgmeZw4f_Gt4h6TzxOY1TvWVl-WRHpOroa3Tp2SmfsFYULkPi-N0j4czZ0GCI3GgVZqoADCBjmH8vg4Fb2u6x3I7BM0eLT21PyIu8Pr4_Q6xJWoImz5Q57UWhIso5lzhkPnNS2Aex6MkhjmN9WRP4rvdy9k5EPxqZS4IfAQIaE0t_40MYXcDPVxZHwFtR4gWchcBfWRx0pgJrUPfOHzUn-bqM13DoenxLGWw1FSh7W7q7FFRumPCe2EbMptJ-fepY97YzxN6Ke0kkXQTAfhlycOvaB21A26wexd0deskQk4rLQZfIzsckalVLZy1wn6a9brEwhI2jPylRS117u2XxGWvqCb-HGnC4kWtQDf3uswPPmnS_rMcFQ4hNe_Ghso7uPrSjTFnl2uf1TtulXeWw746TJZk1RiOxIkByjSZPEpeR7KAVMdW8asMuRA5j1mbSIseoPkwsDROV9NZp8Ifo2s8pV2cauJDt8sJUrMKXrOdUEUCSqxPOPvg7ofNflOldaVyLt4mK6oTS3Pzvb1d_uO0ef-Wwe1GbAcdyIZRbjrv68jAHkkn6YebXXJlPgVkeyv0rlSPL33MrGqV9pai864zZId-bo16AP1cd0D-F6VZ5f0U4bver0mUT6KlVMwmSX1SRQGExoUey2l76eXilJmoaWGw79tqqBrqfTh7kPBvbJVO07P8h8xRwIaKNwfrZ_8azzhUYVLNpHvgj4JDg8z8hQnkyuaYC2BmGCPpO4X-Sv2v38aiJHd8jvmkmRJsBfvtM7V7rjUnlQbw0hX6kGo4_d0QEeNCUgIkFaJKJGDXdDp0rHQjFJ6cR5YNJhUt-RmNLkhHNSRORdQttJrV6SXMefjtDdJiFDMIQfm6RQRV7BrvE6NWXKIi1spqtuErWsvdskJZRRqlHVVysIBJWanjqKdA2VkMYGwa2verFcSDMIFnRt9XUTU9p2nP6h0ws3tswWeJIGzlx-Ykj3-jG7yElVrmygCkTe-xk3H_OZz1RanqFdLi0ooDjVXxs6rPtklCEGPPbYnCLGxRAS1vaxHr3zqlBCZnEdd66L1-Z4yYtC7FJy1cwNZ6ZyG0cIUEwW4saIBrTfMQjfVwn2thKsLthvAPP9bwkgULtJd5hzWcEfu_Sqk-gE9i32-GNp0Exs4XfeV9gjyHPCH1OlPswAZ7SJTI3EQg3_r77tnT9Qzgxl_KQZMEFaWGOZ6_NGUHTC3FQ-WmW06V_nSIjlRHkgGiM7CSWRqXzg7lmuGb-uxuctZI8IV87GiApbvkirp3BBMAk2HMIdJ_sl8S9XcQeGVNnU4beM60mscHYQy0peZDFiD2vAlJcnMiNsSxHuQ8T8ai4suOx3wBMUsr_NFS4EpX8YifIwNGJbJlrErIMIlL8-6KEV4An4w04XNfUWD0mBXcWFyQh2aEjssSeVht2pe4saZCqs8WyLE1pHYDTHHTdMOwP19YdePjheFCRK2m3tAKeSppsiaF0IORPhP6ALu6g3HvDAxPsneqj_-kQom8VCm0P8l2Oe1ttbJbqz9Rq--nRFKJ220vYhatK2gc_q2rrH_R2z0Y6zf3z0wt5pfPJpPa6ZZlPXLMXv9-feS4pV5t7nNw7_VLFZqgH5OThfdM_GLtxj755wDCdZJKuDSEuoUOxyNhhbzfyjjJW-bzIkxyRElvjV8MTtDY0qpjkwZfCleKhmzbI6CY4FGtk8pX-KLE_WKhAkCuKEJ6PrAKCtNXx7KBWcXflCHj8fhs2mKj2UYeq2qVUobgakOBjdGNY4JqmSM-IjytwJGiyTBluN-v1vF2qHKhaHDYNZDS7XOaG4LM767lYtFVR3Z9t0iOGr4-OvpOn4Mn4BZjvdLZpHn0TCfzLGaJrjT8IZ2fJatstd_j1BhqM1PstxUrM448vySP0zRkF1OJ2CkaeseIvyhAwEntPTenjCo8-fgU9uAe7YDYGWEutfSkHzjwAfVflu_rLmNi-aSxn--G7nEK8lUg9NqPhEO1xKI6fmANhnX-AOIxUl7PntDCVS6nvJyONcqn-ddV77Fnl2efVVc8EI-jmdl-yJekPSGOlzso6REYeQe1dztgKHVlvTmWTmLQAjP5i3kzPr9quwFaNv_BQGWfVi2hA6yu9vTktWTn0KOGE0nYZMNfkXVBFG3hsnzJM4tpsNZ948vfY2Cv5QS08_m4-JILvM7eSQH0UF8zMTgSj5fxcFtB2bb4eVCMRVhqWX9iRi9D054Me3tmu2LhGekUwwYHvcB7zzH9wKZS7MvtKX7P7m8f6vHwOBTay4448H6tQEkxcov9j-CKU-5Dt_IbSmrJpXoNN2CBCszKvoQ&cid=CAQSTQAvHhf_kGfL8cXN2LRLwzx7Ayw0IzA-dRQUavfOK57mxIjFVS-fD-IdgkK9yvlC6y6LAb0C0JWRTfCkkdDA6KgFePV-9SUbz7i2WNurGAE&dc_exteid=31482634976928105393004004021973478&dc_pubid=4&cbvp=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6D2D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1706677063210&c=3611580827968359&qqid=CJbhicDrhoQDFS4_VQgdOzsCkQ&rt=any.link.5.3k.15.n.1l.0.17is.17ag~any.script.5.40.9.20.0.0.mp7.mgv~any.script.5.41.2.28.0.0.494.40s~any.script.5.3r.1.1z.0.0.1pe.1h2~any.script.5.3q.6.1t.0.0.a8n.a0b~any.link.5.2r.1.y.0.0.pr.hf~any.link.5.2s.1.10.1l.0.pr.hf~any.img.6.t.1.q.0.0.2s6.2ju~any.img.6.t.1.r.0.0.hw.9k~any.img.6.4z.1.38.0.0.3pg.3h4~any.img.6.56.2r.p.1m.0.7ufr.7u7f~any.img.6.z.15.0.0.0.0.0&met.a4a=dcl.0~ol.0~nvs.1706677063006~ini.1706677063210
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6D2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C41TlRdO5ZdaqK67-1PIPu_aIiAnNsafxdJrykIzFEpLp0uCyARABIK_R2x9g9ZXOgeAEoAGO5dPaAsgBBqkCPmEGGexvsz6oAwGqBJoCT9DxnoqTRCsIuH9QMXYEhbPUSqbmmZKS5maf8CRdjoZRDpmx_oz55cB6aHqb2OYaF_REkDcVltopksPQuo2-t8q9ofnhBR72TDLiL9apJU3WQ9oW9lgma_B2ZVajQQcLdqJbAgqCcxijK4xqTZKR_hhHfjGJeGafKZP02ibWpZqUL8Hh3h3sVnE9-McCjHWQhnUsQj5--cZF5Qms84vl1Ivc0yjGlLRVAkxqsoctlRN_O5JeiNwpMXCLd9wvCwdqSxvC3mNf6eyxeAAal08XduDieVEkvEUFGGW-Yz_ZiYyeQEszK7AWvPZjKfc-kKWTck0f9Q3G7kHxIoyYMk8MAJzaaLSwRstonPr55FTXkH-lVGDDr4d3CErLwATx64PP1QTgBAOIBcejhtxNkgUECAMYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH2pqspQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHChDMqg0YzK-lgwLSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WOa8iMDrhoQDmgmqAWh0dHBzOi8vd3d3LndpbmdvLmNoL2RlL21vYmlsZS93aW5nby1ldXJvcGU_dXRtX3NvdXJjZT1zcmMucHJvZ3JhbW1hdGljX253LmdlbmVyaWMmdXRtX21lZGl1bT1tZC5uYXRpdmUmdXRtX2lkPWlkLncxMjQyNDQ5JnV0bV9jb250ZW50PWFmdC5uYXRpdmUmdXRtX3Rlcm09dHlwLnBlcmZvcm1hbmNlgAoDyAsBogwIKgYKBKy6sQLaDBAKChCAuPzxjqjT8V4SAgED4g0TCJntiMDrhoQDFS4_VQgdOzsCkbATj_z8FcgTr5mM5APYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzM1NDM2MDkxOTY3Njc0ORj3gRA&sigh=hP7qx_V6ITo&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTQAvHhf_kGfL8cXN2LRLwzx7Ayw0IzA-dRQUavfOK57mxIjFVS-fD-IdgkK9yvlC6y6LAb0C0JWRTfCkkdDA6KgFePV-9SUbz7i2WNurGAE&template_id=509&vt=10&cbvp=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
videojs-contrib-ads.min.js
s.isanook.com/sr/0/js/videojs-v8/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs-contrib-ads.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c9c20ad719fffd1081503dc6f75fc700b3c296ce6e65354e3767b21377d82aa9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 12:18:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
31002
server
Lego Server
age
2041
etag
W/"65a894fc-791a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
653722453141149383
accept-ranges
bytes
content-length
8582
expires
Sat, 17 Feb 2024 03:05:48 GMT
videojs-ima.min.js
s.isanook.com/sr/0/js/videojs-v8/ 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs-ima.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 22:05:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 19 Jan 2024 03:26:40 GMT
server
Lego Server
age
46781
etag
W/"65a9ebf0-bb01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9602669467545405906
accept-ranges
bytes
content-length
9880
expires
Sat, 20 Jan 2024 22:05:30 GMT
videojs-logo-v2.min.js
s.isanook.com/sr/0/js/videojs-v8/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs-logo-v2.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1bc92ddfc5d7de2ed016c4c69b2180991b5eeada35b1c0faca7bf66cd64dc9bd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:09:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
3512
server
Lego Server
age
13
etag
W/"65add9b6-db8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
112558723009323608
accept-ranges
bytes
content-length
1162
expires
Wed, 21 Feb 2024 03:05:59 GMT
videojs-titleoverlay-v2.js
s.isanook.com/sr/0/js/videojs-v8/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs-titleoverlay-v2.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c2cf236896851779b906e821917f1fc6332e8add1a94fdd2aaa2e8ee134a7bab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:10:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6486
server
Lego Server
age
41
etag
W/"65add9b7-1956"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13770739637472529663
accept-ranges
bytes
content-length
1895
expires
Wed, 21 Feb 2024 03:05:59 GMT
videojs-vtt-thumbnails.min.js
s.isanook.com/sr/0/js/videojs-v8/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/videojs-v8/videojs-vtt-thumbnails.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dbd0cb309ee161b5c4fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:12:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:01:10 GMT
server
Lego Server
age
53
etag
W/"65a0ab76-3219"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6157948227719302788
accept-ranges
bytes
content-length
3295
expires
Sun, 11 Feb 2024 03:12:50 GMT
AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9vTilSfreX4Pn3dMJIhIrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9vTilSfreX4Pn3dMJIhIrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4_iy52vZBA4cbF_CCADu1CCG"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E312 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
35085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:12:58 GMT
expires
Wed, 29 Jan 2025 19:12:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6D3B 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2956d2a17c9d63172d107c53fe3c7ce221ac3e9804726f62c53822dc33c14089
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wvXg-f9Cq_x0XHMrKWAuGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wvXg-f9Cq_x0XHMrKWAuGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:43 GMT
expires
Wed, 31 Jan 2024 04:57:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.sanook.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
4488097.jpg
s.isanook.com/vi/0/ud/2/24/jpg/224/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/vi/0/ud/2/24/jpg/224/4488097.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2dc0b929a0df6ae31b0b78e89ecf467fd7667a362242f084f8462d65d1a5fa01

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:58:25 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"65af2f7a-16c84"
content-type
image/jpeg
x-nws-log-uuid
14904049974571027444
accept-ranges
bytes
content-length
93316
expires
Tue, 23 Jan 2024 04:03:25 GMT
graphql
apiu.sanook.com/ 		107 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
9b58d73b8fdbe6625279db3f09f458e6339a2bf4ac038e4c2746569cf5fbcb8f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
Server
nginx
U-API-Cache-Status
BYPASS
X-Powered-By
Express
ETag
W/"6b-HesegoWz1Hp1RtX0snUj7l+TU7c"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
graphql
apiu.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:43 GMT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
U-API-Cache-Status
BYPASS
Vary
Origin
fc7be842cde1370c1972024656e50117
apiu.sanook.com/video-player/liveplay/ 		602 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/video-player/liveplay/fc7be842cde1370c1972024656e50117
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
a64ab350ce88ba56f08dcb13496048b771a519929088bf257003d55a27e48bfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
U-API-Cache-Status
HIT
X-Powered-By
Express
X-Cache-Status
HIT
Vary
Origin, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Content-Disposition
attachment; filename=1553420.m3u8
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Content-Length
602
b37e4a56-4608-4e86-a776-9673ff5c0523
https://www.sanook.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/b37e4a56-4608-4e86-a776-9673ff5c0523
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d9e1b76e2c6baa51e60f8e4689e22fe58ba91cae687a4743f82926fa5a67cb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5063
Content-Type
application/javascript
d4ebc5d2-4aeb-465f-b28f-e3462c816ff7
https://www.sanook.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/d4ebc5d2-4aeb-465f-b28f-e3462c816ff7
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eabde1ac92a155ccf5ae2e54dc45fab5322e5a3acb3685761349c2c5773ed248

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
81688
Content-Type
application/javascript
456afb28-584a-44ac-97be-9ee38586ccd3
https://www.sanook.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/456afb28-584a-44ac-97be-9ee38586ccd3
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eabde1ac92a155ccf5ae2e54dc45fab5322e5a3acb3685761349c2c5773ed248

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
81688
Content-Type
application/javascript
bridge3.615.0_en.html
imasdk.googleapis.com/js/core/ Frame E853 		755 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.615.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ed2bdecbe2d17f2e549b42f9e87ddc9e9c225135fc93e0e73356130924c557e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
36402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247184
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 18:51:01 GMT
expires
Wed, 29 Jan 2025 18:51:01 GMT
last-modified
Wed, 24 Jan 2024 21:07:15 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Jan 2024 04:57:43 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D901 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 31 Jan 2024 05:02:10 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 04:57:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230773
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
245808
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		152 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.44.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-38.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
24262dba5f8026f351bf575146c539e9a0be62ed97e3e92834734b78ebddf55d

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.8.204
access-control-allow-credentials
true
content-length
152
expires
0
rid
match.adsrvr.org/track/ 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f6577f793fa7c9f30b69b782ab92dd50481ac5ac984931a87e7f976305e878bc

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 01 Mar 2024 04:57:43 GMT
screenshot
apiu.sanook.com/video-player/ 		750 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/video-player/screenshot?screenshot-url=https://s.isanook.com/vi/0/ud/2/24/ss/224/4488097.jpg&duration=31
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-vtt-thumbnails.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
c4b2d9744f1a6158d73c49aee516c3582d23d84f00ae61c9dc2e7d21f911657a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
U-API-Cache-Status
HIT
X-Powered-By
Express
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
ETag
W/"2ee-cExziL0qveo6IpIICo7c5Bn5QtU"
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame F27A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66931
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:22:12 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 10:22:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jvnI-FywgEvcVhcASlH-1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jvnI-FywgEvcVhcASlH-1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4_iy52vZBDacaN3OCADsUCCG"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW9bxSum7M2zMqKxWGcvLOVIk9nJZwagrm3timP9RuQqLTfZom8E7mtD8h9EZpKrHEFKTSPu7tT3aDbx5lDlWkCUqL_zjYVzPBRHhwtafMRY0YkkspUIXgH4gUEl-zTGmPbS2X3AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-amJuOTpdvw2rQf9ZiD-ifA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-amJuOTpdvw2rQf9ZiD-ifA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4_iy52vZBB5sOnSWEQDvAyD3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWs3Y5QCA6Xye-7tP-zlgljqWlgogpDdBsn2xrFnbaYXqFosroW0EwSRR4HibAHtQSaksBapDd_5WUCkYo6HQ2_mx4YROsunr_Qexjig4toPC6dakq2RD9FhJrmlA9hjPg7wF36uw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWs3Y5QCA6Xye-7tP-zlgljqWlgogpDdBsn2xrFnbaYXqFosroW0EwSRR4HibAHtQSaksBapDd_5WUCkYo6HQ2_mx4YROsunr_Qexjig4toPC6dakq2RD9FhJrmlA9hjPg7wF36uw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Njc3MDYzLDM2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJkZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee1f34fada53e4013c51d0d105500256f5d1424cffe5e751f868e5138313e9e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUDH-Unmo1xI2l4We5OIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-sUDH-Unmo1xI2l4We5OIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0LQWEYBuBznjxCkkyYDTKxmU0GJaUoMinJciZZmPgH8r6DTVmERTIYlYFIBonBwjkki4-FwT1cw2WbqQGbV4n7vco6cqQdbHxn2kNVuVADTqkLGRD06xQGraRTBdSfQVZ4vK7kfF_JDQF4eG70gUksarqnBDvSghea4C2YKzjkaoI1cAwEh4aCR0vBU8jqgvPQYck9aCYkt6GekdyCSEFyEp5FyV8oH1ZcA5fdMu_qfbPTaI-n6h94wljN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Wed, 31 Jan 2024 02:46:20 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
9170
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
3SwfT8DFJlScCKn5z6sl_50I0mOeZaYlUTUd7-k41HG0fqXZa4BSSg==
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
250973
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njzO3zioobxW7Bf4HRGB9PF8kJBEn7IT%2FSOrRzpBcTsCRYDayZVJeImUkXIcB4xGf13zByacLVqpH7igGFtmyezmdQRXNClfVv8DY8u%2BZdSlZ2CrOP9r%2BGgLn3MUGEIT4kY%2F6wMrWyW%2B%2FHaf"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84df601e6f528fe3-FRA
hbjson
grid.bidswitch.net/ 		23 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.157.145 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
145.157.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8ac4716a4096a6d64dfe4be46d216b50bbe1abf1de72454c1c59661ec0e4ce9a

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
3089474
bs.yandex.ru/prebid/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3089474?imp-id=1&target-ref=www.sanook.com&ssp-id=10500
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
last-modified
Wed, 31 Jan 2024 04:57:43 GMT
x-yandex-req-id
1706677063581656-1386633927419121238500275-production-app-host-sas-pcode-19
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.sanook.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 31 Jan 2024 04:57:43 GMT
hbjson
grid.bidswitch.net/ 		23 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.157.145 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
145.157.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c08ba51b94d20c9a5a2b6c2e776f22b3754d9272252d514118c7ce5ebada2ec

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
/
ghb.adtelligent.com/v2/auction/ 		3 KB
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b553f99621aeca6a8cfc98c6b112a908ee3c9d28522edb4c85f05745871ec40f

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
682
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9b64423c01c2a2f45b85c118d41382e9fa6cb4f1108fc599fe86c8a61bcf7f

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 31 Jan 2024 04:57:43 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3001
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84df601e7dcdbb86-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 31 Jan 2024 04:57:43 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		298 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=384960&zone_id=2141818&size_id=15&alt_size_ids=13%2C14&rp_schain=1.0,1!andbeyond.media,132006,1,,,&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.domain=sanook.com&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tk_flint=rtbpbjs_lite_v7.54.4&x_source.tid=729fa993-d196-463e-808b-6304a3d5e8c1&l_pb_bid_id=145e28ba9729d97&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=729fa993-d196-463e-808b-6304a3d5e8c1&rp_maxbids=1&slots=1&rand=0.49519426505466657
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b6d2d8833649ea99ca5ffecfea5dd1b653d1a0ce492ada5fb3d41770f69b60d7

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
298
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
an-x-request-uuid
f59eb7e9-4300-4cab-b8f3-7f5c71b69456
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=185&av=36&wv=7.54.4&cb=30023360939
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a5f570f7b0bbfbdceb719e763fc857c874ed2b473bae723187d2655d6274eee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		24 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.4
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.57.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-57-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a6d74ef47401cfdb2a9e33dc592951044b2834eaef0b0c1d5ad5c68e0176722f

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid
prebid.media.net/rtb/ 		338 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
1a3a380072c096937a52cb90c066dab063adeb2edf37d74b1571e521733f65ec

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 04:57:43 GMT
header
hb.aralego.com/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7AE44DE8772396077EE2EB984D736E&tdid=&schain=&eids=&u=https%3A%2F%2Fwww.sanook.com%2F&host=www.sanook.com&ucfUid=47ebcca6-7491-4edd-8c9f-aa8908b67fe0&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Wed, 31 Jan 2024 04:57:43 GMT
Access-Control-Allow-Credentials
true
Connection
close
bid-request
rtb.adpone.com/ 		805 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=12281515544499
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1cfbcab9eb53292b09938408ff7192883b80567fc4e5af91522e6d14dbb1aa1

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKAzBerLbVd9TGWeKrQIG3f2WRoikrfDpmqRk3cEVS95zRBlT9bBB0ox1c%2FO4q9ItZj%2FIcqQKVbSDNUtmclTNBlEOVcg%2BFJ5UoL3cN%2FgUZOVPJM5JwLbVDndE3fFnmmlUsw3lVYF7LUvaQeb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cf-ray
84df601e9c540487-FRA
prebid
ib.adnxs.com/ut/v3/ 		19 B
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
an-x-request-uuid
fdf0be92-ed4b-45c3-be6b-fcf0515f7e71
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
ff203ebb7d641cb6a60a22a06c998c92f91026a2f377bfb3814ba1a2555e03cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=4073761699900862&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
graphql
apiu.sanook.com/ 		106 B
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
e98a06f7a4525a9e890b43356067a04ed2341d610e9fac8423877ef5171f4090
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:44 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
Server
nginx
U-API-Cache-Status
BYPASS
X-Powered-By
Express
ETag
W/"6a-94SKwIJauSaNAoMwwlqNvaBPVLA"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
graphql
apiu.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:43 GMT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
U-API-Cache-Status
BYPASS
Vary
Origin
icon_back.svg
s.isanook.com/sr/0/images/video/video-js/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/video/video-js/icon_back.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fbc3eaaf53c12129fbddb7a0c98f5cd960439f1f1346b6966b8c4a66c84afedb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:13:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:01:06 GMT
server
Lego Server
age
0
etag
W/"65a0ab72-67e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14664793934091900210
accept-ranges
bytes
content-length
866
expires
Sun, 11 Feb 2024 03:13:47 GMT
icon_next.svg
s.isanook.com/sr/0/images/video/video-js/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/video/video-js/icon_next.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e55f17bedfb25e6b13645138dfd163e644ab147fecd04694a37b6caa95ea3dce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:13:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 12 Jan 2024 03:01:06 GMT
server
Lego Server
age
41
etag
W/"65a0ab72-67e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
10994071720436677606
accept-ranges
bytes
content-length
867
expires
Sun, 11 Feb 2024 03:13:05 GMT
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1822ff22bc35e9bcbbd33d4adbd3c0a10efeee3d66bfe790ff3e7057d2bca485

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 04:53:38 GMT
server
cloudflare
age
245
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
84df601eec4a366d-FRA
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E312 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
50353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5CE5 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		227 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8308b026bb9efe76c7be488233788903523d937570cacf353cb597267a77b3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
iu3
aax-eu.amazon-adsystem.com/s/ Frame 56CF 		336 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5df083d482ffe8106175a2613d36a8bf8294c0f3f95584eab9fed846828cffc1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
336
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 04:57:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GJZQ3KJ3XZVS45NA8Q4T
617.json
id5-sync.com/g/v2/ 		251 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0e8067267aeb234755e4f82c7ca2ee7ecee32ffe6556d9dc7ef18c727c1d2e95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxXWh6FxoYfrHmniXc2PRCSuL12ZklRPODtNLOVTF4hHQVMSvcKh7z8SPdTTPgqavYVLSvIKWxaALM_zKc2fp-NdZkT-34ZIFUP-CHEaIRpJHQZjFQgetUmwcQKhF4ll758ciazfng==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXWh6FxoYfrHmniXc2PRCSuL12ZklRPODtNLOVTF4hHQVMSvcKh7z8SPdTTPgqavYVLSvIKWxaALM_zKc2fp-NdZkT-34ZIFUP-CHEaIRpJHQZjFQgetUmwcQKhF4ll758ciazfng==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K5rKO9pR95tA2zRsx0tEOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K5rKO9pR95tA2zRsx0tEOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4_iy52vZBG7sOvmXEQDu1CEs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
174470
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO6CBo9GDOqN8RLUK2zVIUk2%2Fem6%2Bc63espcIpfizya%2FAJoFm0cja7ghANLddc%2FC2I4lEnruVSlgYOjFvTJfW%2BRujsJAKv2tzehfilnUrr1n2NoKJl5louJYD7BqWmUMGCGc8guq61lqJ0fO"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84df601f4d2b1989-FRA
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 67A1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a7a99468164de8d1c4ab15148aa8a91c94e83650e03afe9001d7a16a26744270
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1894
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 04:57:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RG8NJ3YZQFQVWY5WRSM7
generate_204
tpc.googlesyndication.com/ Frame E312 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bfYjig
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-pso2Q-zSdvYUt1CVfsX1iKR...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-pso2Q-zSdvYUt1CVfsX1iKRIp3sXnxcDUvmzjA&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&u=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&u=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:42 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=aGdpF19kSkV1eW8zZmRUYkIlMkZZaEVUOVlHNW5lWHh3ckFpYlM5SGVJcDB4JTJGMCUyRkRrJTNE&u=ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
Date
Wed, 31 Jan 2024 04:57:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame 788F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b2450e916d1c60cdbe33c0d3ac96b607c4193c3223b93bbb0bb9844ff37c14ea

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1082
content-type
text/html
date
Wed, 31 Jan 2024 04:57:43 GMT
/
onetag-sys.com/match/ Frame 67A1 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 67A1
Redirect Chain
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=f34e96990a4aa6eb2nqrm600ls1bgidy
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=f34e96990a4aa6eb2nqrm600ls1bgidy
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RV0ZW7J8AYZEE2SJ1A3E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 04:57:43 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=f34e96990a4aa6eb2nqrm600ls1bgidy
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 67A1
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3496786637934849000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3496786637934849000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XSZGRBT7DD774F29ZXH8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3496786637934849000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 31 Jan 2024 04:57:43 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 67A1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WMDC33KZKZAS0BM3DNE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
99
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame AEE2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 04:57:43 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 8121 		849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
ce4bc94a80921be3891ffd3ae8ea6a3c7dff1cbf00c449221f34c56dc2e5e235

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-CH
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6658dc8946-r96gq
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A60E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=5322462639283243386&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=5322462639283243386&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 04:57:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2ZJX9JGGMRJX2BJYTDFE

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 04:57:43 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=5322462639283243386&gdpr=0&gdpr_consent=
amazon
ce.lijit.com/beacon/ Frame C543
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a63ef532b19dfc2ecafafa836e484a18eb590d7ec8a04a4e74bb7822394752d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
511
content-type
text/html
date
Wed, 31 Jan 2024 04:57:43 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding, User-Agent

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
date
Wed, 31 Jan 2024 04:57:43 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
usync.js
eus.rubiconproject.com/ Frame AEE2 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 13:44:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31621
Connection
keep-alive
Content-Length
10901
Expires
Wed, 31 Jan 2024 13:44:44 GMT
rtset
bh.contextweb.com/bh/ Frame 8121
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bEpNYlc2Z25SSXozakl0ejJWUW82UQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPAZvrX15QqijfrbfHjcV7M&google_cver=1
49 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPAZvrX15QqijfrbfHjcV7M&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-r96gq
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPAZvrX15QqijfrbfHjcV7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 8121
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=7d2b42230dad18f1&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIDmBsQS56hQNzRWhhAAAAAAA&expiration=1706763463&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIDmBsQS56hQNzRWhhAAAAAAA&expiration=1706763463&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-r96gq
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIDmBsQS56hQNzRWhhAAAAAAA&expiration=1706763463&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 8121 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=UuA4zY9ygAHE&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YS6EH4TSH5ZMNBYNKQ7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
setuid
u.4dex.io/ Frame 788F 		0
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=5322462639283243386&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 788F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5322462639283243386&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5322462639283243386&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.157.105.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-105-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5322462639283243386&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:42 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 788F
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=35fda205-af75-486f-b445-828894e766ae&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=35fda205-af75-486f-b445-828894e766ae&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:44 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=35fda205-af75-486f-b445-828894e766ae&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 788F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6626623700304249093&gdpr=0&gdpr_consent=
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6626623700304249093&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
an-x-request-uuid
d94f9b20-eda9-4b5e-aa9d-dcc9a077e03b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6626623700304249093&gdpr=0&gdpr_consent=
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 788F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTMyMjQ2MjYzOTI4MzI0MzM4Ng==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFOfma2McrWZelkrJXxE2Og&gdpr=0&gdpr_consent=&google_cver=1
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFOfma2McrWZelkrJXxE2Og&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFOfma2McrWZelkrJXxE2Og&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame AEE2 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LS1BGGMU-6-JDB4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
index.m3u8
bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/ 		488 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/index.m3u8
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.84 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
f4ad06567ba4c72d0292661aaf1f5eb63c6d684490cb66db2b5607ac660e2ac7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:10:41 GMT
x-cache-lookup
Cache Hit
last-modified
Sun, 19 Nov 2000 08:00:00 GMT
server
nginx
etag
"-1-1e8"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=2592000
x-nws-log-uuid
10224959347008368379
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
content-length
488
expires
Thu, 22 Feb 2024 04:10:41 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AEE2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0&khaos=LS1BGGMU-6-JDB4
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-onetag_rbd_ppt_n-baidu_n-MediaNet_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QRDZYE3J0EN77KYYVD5D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LS1BGGMU-6-JDB4&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
seg-1-v1-a1.ts
bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/seg-1-v1-a1.ts
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.84 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
cd0111f7173845ab14f9e42c54c15237c70e6af9041128c7f69b9f9f1b81e7d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:10:41 GMT
x-cache-lookup
Cache Hit
last-modified
Sun, 19 Nov 2000 08:00:00 GMT
server
nginx
etag
"-1-1746b8"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=2592000
x-nws-log-uuid
6294354620914877240
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
content-length
1525432
expires
Thu, 22 Feb 2024 04:10:41 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C543 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=IFOJAPZHVHLdzjBiTLy7aoc9&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JDYKGT0E1KNXACJ38B41
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame C543
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=AADi3k7Lc6cAABQCAGhMTQ&pid=85&gdpr=0
43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AADi3k7Lc6cAABQCAGhMTQ&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Server
79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://ce.lijit.com/merge?3pid=AADi3k7Lc6cAABQCAGhMTQ&pid=85&gdpr=0
Date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame C543
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dd059a7...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Server
79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 31 Jan 2024 04:57:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame C543
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=UuA4zY9ygAHE&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=UuA4zY9ygAHE&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Server
79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ce.lijit.com/merge?pid=49&3pid=UuA4zY9ygAHE&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-r96gq
expires
-1
generic
data.adsrvr.org/track/cmf/ Frame C543 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
merge
ce.lijit.com/ Frame C543
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPUeefb8bf9417b492cace669cf437a7ad8&gdpr=0&gdpr_consent=&pid=103
43 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPUeefb8bf9417b492cace669cf437a7ad8&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Server
79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-80-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPUeefb8bf9417b492cace669cf437a7ad8&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
seg-2-v1-a1.ts
bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/seg-2-v1-a1.ts
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.84 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
4de0eee74e514aa29dd5616c4627b5a5b75eccf3b87e8caa2da1afd6460d6f25

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:14:20 GMT
x-cache-lookup
Cache Hit
last-modified
Sun, 19 Nov 2000 08:00:00 GMT
server
nginx
etag
"-1-181a38"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=2592000
x-nws-log-uuid
4508935914416801908
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
content-length
1579576
expires
Thu, 22 Feb 2024 04:14:20 GMT
q
p.adlooxtracking.com/ 		82 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-f17492c-dirty&c=532&t=1193&p=248&pn=%2F&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Funiversalb%09rgpt-universalb-2&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard%09rgpt-billboard-3&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca%09rgpt-reca-4&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2FSkyscraper%09rgpt-Skyscraper-5&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fleaderboard%09rgpt-leaderboard-6&s=%2F21751243814%2C4899711%2F640822-300-250-1%09andbeyond3001
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3e4328baf0470ad0176cacf1314925f6c7c69bc135c8b0f57e2215504c57d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-adloox-pubint-version
20240131013254
date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
149.88.27.84
x-adloox-pubint-commit
54ac68f
via
1.1 google
x-adloox-pubint-commit-db
f28931e75-dirty
server-timing
conn;dur=0.005, ua;dur=0.016, segment_pipeline;dur=0.141, segment_ip;dur=0.004, segment_iab-valid;dur=0.008, segment_iab-spider;dur=0.611, segment_bs;dur=0.002, segment;dur=0.912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
seg-3-v1-a1.ts
bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/seg-3-v1-a1.ts
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.84 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
d9be178e731c95970a3ab71d6919e427c4dcd90a325e21bbfcd64543f94cc487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 19:06:03 GMT
x-cache-lookup
Cache Hit
last-modified
Sun, 19 Nov 2000 08:00:00 GMT
server
nginx
etag
"-1-120b38"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=2592000
x-nws-log-uuid
2851158720293104009
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
content-length
1182520
expires
Sat, 24 Feb 2024 19:06:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 682F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=4073761699900862&bg=!GhmlGVbNAAa8BdJLnAU7ADQBe5WfOOUGcuMARdR8Z7WJG3IK70UvRg5AV21_-FAqUkhnbn2qbZxIXDmXpXubuLj7F5Y6AgAAADJSAAAAAmgBBwoAt5xKf3ff17OPEuxz0Aiau_O3s4jBAI-uXgQFX4i73k8DE1YFIsLLe9Cc9fR-vg_r38sPQ8B94xKz0fR3klYv9gWF2aNgfOIMW8Vmzx4RTDawEIrL1wo88PwNpr4OHSITlKj16axhIvxHLs5gKvlL0MFAxZraICcjXu2QLTFm9ENfh_UQoSmGAhESx4pJn9rt45H8AD9Xu3BIej4nf8_WMUzAlKENqZ72FdumN8EqCMrgEYf4sv5cZJkC0H2skX_Sj1rkKxczLmaLAfAwKixuRMMGOWLt-saotp9WYTR5rPYCwbttpmDdV3BoQPmeKAlQwKiwrMLQwArTF9NMGWqzd3E4-NeCH8ADbj7COI9BKVs47YA3IUPtlEN9D26rfpuVbirLZXpB4Vr8FQDbq40PZjyygYvhs8XQuKxhNrSOvDJGcdhQZwLkNSM7qdEqA-2hwv_8RzV0EeU8xmroOs8pGYqs-xzMZ68pRh322Xc600wMYe_7F1iKqOl36vL682j147pMEOe1JTHDOOrlljrddEts75e4QfHObsBQSSdvOIzzuCArKv7KmeybYsgHMmt3W3B3BPdoWQhSd-wkEajiLwYSqAytQno-p0Lm-gl4GyLmfTYFB5ZSVz5VzhLKxklSXmc2fPIsZ_M1ZFOQNZnnmggki7U7UB12DRCx89Eq7sjjGReOvI48W8wvhZAQrZpUZXTGZLxJ3uEXqwytWBK6DnCurJnxffbVIrJy6RVMtg60wHmwcB17sHFmv8slLjhT9G__zer33XAodLe5f0Spe7oS8zz61zmmvoSTFSw3uh15mioBQFh034FX4_4aQAKtFAbgw2Br2SRlMp_WxNL7ogo0wESies4Gf3BUek-zjbp2hpD2qO3XmPNwG0soXe65Xn9J9ahVAqbRI0KdAqkSbYh7IUTKFkBRG_nYvgArTiqGwHOxrhAsSw8aXta2M3u6NPDgKN9C_mF8X3pdMbUf9tSWWSvEMlQV-ud0Sr7RKZ0LXbxU252Xc1keqO2tvr76Qo0n_Oxqnx6zBZVNBV1rt3o2MZCwrUij2dJa5Ce9khVzTPwmU0Loo8yLrUCpz78ZM55sd4aQGNqQVjvxfYafwqKJogWuJyO0aPdJUtY-LLWLKP8wZRfMn3JeWzJyGRTc0_vEz2Ku55BA4WfJF-rK5tqIReApxvDt3YHc-yWnQIEus3siBo-lMDKkgQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
0b50eeffe14d3692b29ee7b525ecd7f45451d2c98062f3a5f0cb181d84436bcd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
seg-4-v1-a1.ts
bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/ 		27 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bmedia1.fsanook.com/2/24/HD/360p/224/4488097.mp4/seg-4-v1-a1.ts
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.84 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
22c575f163d6a9fd81f2fced40f7d9b6cfb165b78e1cfb92fc8df3a73ce9349f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:14:35 GMT
x-cache-lookup
Cache Hit
last-modified
Sun, 19 Nov 2000 08:00:00 GMT
server
nginx
etag
"-1-6b38"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=2592000
x-nws-log-uuid
12722096783008623895
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
content-length
27448
expires
Thu, 22 Feb 2024 04:14:35 GMT
v3
id5-sync.com/gm/ 		289 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2aff5d5ca5f97e1548d66143a56986761144ee8ac7b427ac167fb6e42e314a96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3611580827968359&correlator=1377463970095143&eid=31080155%2C31080781%2C31080755%2C676982961%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=21751243814%3A4899711%2C640822-300-250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200&fluid=height&ifi=6&didk=4118059834&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3c78105478a70ea7%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MY0AvCiT1hErVYGJou7mUM0n_QTRg&gpic=UID%3D00000d4d600b9ce2%3AT%3D1706677061%3ART%3D1706677061%3AS%3DALNI_MbQx-TYLJd47-z6dVm07lQyYak3VA&abxe=1&dt=1706677064160&lmt=1706677064&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&rumc=3611580827968359&rume=1&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1952691386.1706677060&ga_sid=1706677061&ga_hid=142997764&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yko6F79UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRilj4Xv1TFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGKWQhe_VMUgAEhkKCnB1YmNpZC5vcmcY2Y6F79UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJKOhe_VMUgAUgIIZBIUCgVvcGVueBjdjoXv1TFIAFICCG8.&cbidsp=CnoIARI6CghwdWJtYXRpYxAbGiAKDzM4NWEyMjJkYTNkYThiMxAAGgNVU0QoAToECAAQACABUghwdWJtYXRpYxgCIiQ3MGI2Y2UyMy01YWE1LTQ4N2QtYTkwOC1lNTg1YTRhOTQ3MjEqBAgDIAAyB3Y3LjM5LjBAtgdKAA..&dlt=1706677059766&idt=1413&ppid=5dfcc702cfa78621604afb045de1bda7&prev_scp=adunit%3Dreca%26prebidtrue%3D0%26hb_width%3D300%26hb_height%3D250%26active%3D1%26visible%3D1%26andbeyondhijack%3D1%26andbeyondunfilled%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_criteointl%3Damp%26hb_size_criteointl%3D300x250%26hb_pb_criteointl%3D0.09%26hb_adid_criteointl%3D32dd847218c418f%26hb_bidder_criteointl%3Dcriteointl%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.09%26rtb_pb%3D0.09%26hb_adid%3D32dd847218c418f%26hb_bidder%3Dcriteointl&cust_params=adl_ua_old%3D1%26adl_ok%3D1&adks=919687659&frm=20&eo_id_str=ID%3D367d483ed7ba481b%3AT%3D1706677061%3ART%3D1706677061%3AS%3DAA-AfjY_kmWpJ1CWRDtd7vr5zu7B
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a78d2b81ddebb047852a17a05ea8cb05ab57d805febbd271833d14c82709c8fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13562
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 682F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ls1bggzk&c=4073761699900862&ctx=1&met.4=fb.3~lb.2g~ol.189~idt.110~dt.-29&met.9=1.3n~2.6s~9.0~3_1.7b~7_1.0~4_1.c7~5_1.cf~6_1.cg&met.3=112.ba~113.18d_1&met.1=1.ls1bggob~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tgframe.html
cdn.taboola.com/webpush/ Frame CC8E 		530 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/tgframe.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

abp
61
accept-ranges
bytes
access-control-allow-origin
*
age
58
cache-control
private,max-age=14400
content-encoding
gzip
content-length
290
content-type
text/html
date
Wed, 31 Jan 2024 04:57:44 GMT
etag
"279913f0b9685fbf713832b8a94e8140"
last-modified
Tue, 25 May 2021 10:44:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
3UHuFIuRZH2Ct88c67gr6E5awtH1yEcC8WzBfyqVP9bug5OYyd/n4cfIfSyTDV2CwXiIiuAFH8w=
x-amz-replication-status
COMPLETED
x-amz-request-id
87ZPYJ9855SANYWB
x-amz-version-id
eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache
HIT
x-cache-hits
1
x-served-by
cache-mxp6963-MXP
x-timer
S1706677064.186960,VS0,VE1
nr-rum-1.246.1.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding
br
via
1.1 varnish
date
Wed, 31 Jan 2024 04:57:44 GMT
strict-transport-security
max-age=300
x-amz-request-id
YBRNWXE6MTK8PNNK
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
XQYHrpXr1YVNgjN7PRNjEdaDBe0HvI/MpZbDKO67cFZIpn39LaKwy4yRvtTR+7yo8g7E1ZXIJeI=
x-served-by
cache-mxp6982-MXP
last-modified
Tue, 31 Oct 2023 15:33:55 GMT
server
AmazonS3
x-timer
S1706677064.233668,VS0,VE1
etag
"04fdba12d14ecd22e6ac743bca4e0072"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
1
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb43160d06e6bd7b0cc095deb335cc35130c2d933ca1215cc26992ac2d42a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12383
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.sanook.com&doc=complete&pg_h=7093&pg_w=1600&pg_hs=7093&c=1&aa_c=0&av_h=90&av_w=1600&av_a=144000&b=4251.500&all_b=4251.500&d=0.013&all_d=0.013&ard=0.013&all_ard=0.013&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8f062114d3
bam.nr-data.net/1/ 		40 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=6544&ck=0&s=0&ref=https://www.sanook.com/&be=2053&fe=4418&dc=1031&perf=%7B%22timing%22:%7B%22of%22:1706677057710,%22n%22:0,%22f%22:763,%22dn%22:1440,%22dne%22:1440,%22c%22:1440,%22s%22:1638,%22ce%22:1839,%22rq%22:1839,%22rp%22:2054,%22rpe%22:2253,%22di%22:2268,%22ds%22:3083,%22de%22:3084,%22dc%22:6470,%22l%22:6470,%22le%22:6471%7D,%22navigation%22:%7B%7D%7D&fp=2932&fcp=2932
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 31 Jan 2024 04:57:44 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
84df60243b4e2bec-FRA
Content-Length
40
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 04:57:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5332 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
35086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:12:58 GMT
expires
Wed, 29 Jan 2025 19:12:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5FA5 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23c7a4aa75358f52cc68c676f0bbf04160f30519e226154baf4dacf42486b809
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S0bLC1PjhBMXp4OeaO1hqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-S0bLC1PjhBMXp4OeaO1hqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Wed, 31 Jan 2024 04:57:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5332 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
50354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5FA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=3611580827968359&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame EB05 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84076019&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
5c10077637b6f89662fa6fdddd71f62795d1b2666a5920d8245ee828ca2355e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 04:57:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 455C 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 97F4
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUeefb8bf9417b492cace669cf437a7ad8
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUeefb8bf9417b492cace669cf437a7ad8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUeefb8bf9417b492cace669cf437a7ad8
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 9FD2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336727736117062
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336727736117062
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 31 Jan 2024 04:57:44 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336727736117062
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame B311
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 04:57:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame E4FF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbnTSAABW68TOwBK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 31 Jan 2024 04:57:44 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6968-MXP
x-timer
S1706677065.577213,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 31 Jan 2024 04:57:44 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbnTSAABW68TOwBK
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6968-MXP
x-timer
S1706677064.466788,VS0,VE93
cookiesync
core.iprom.net/ Frame D6EA 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 04:57:44 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-8e8db4df1962@version_1.583
X-core-time
1ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame B250 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame CAE0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=ac1c4c30844d9f85e13ebf3c9382aae4&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UaWnMRggXhTVbgYR&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UaWnMRggXhTVbgYR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UaWnMRggXhTVbgYR&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame FD64 		0
0
cm
ipac.ctnsnet.com/int/ Frame 5187 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 31 Jan 2024 04:57:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
s.tribalfusion.com/z/ Frame D22B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84df60260b516969-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84df6024dab26969-FRA
content-type
text/html
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
53
pubmatic
ad.mrtnsvr.com/sync/ Frame 5E42 		0
0
pub
matching.truffle.bid/sync/ Frame 117C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:44 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 5C0F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1706677064496
  • https://ad.turn.com/r/cs?pid=45&rndcb=7344063139
  • https://sync.1rx.io/usersync/turn/7074598175722257285?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Wed, 31 Jan 2024 04:57:44 GMT
etag
RXe6bb17fdfe964226b35d349650324f34003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame F6D3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2A0CD7624B904F2592C0E7A29E0182DA&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2A0CD7624B904F2592C0E7A29E0182DA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 31 Jan 2024 04:57:44 GMT
expires
Tue, 30 Jan 2024 04:57:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2A0CD7624B904F2592C0E7A29E0182DA&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame EB05 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=43979405-4EF2-4FF7-97BB-059840D99A84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
84df6024db509112-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame EB05
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:43 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=43979405-4EF2-4FF7-97BB-059840D99A84&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame EB05
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=43979405-4EF2-4FF7-97BB-059840D99A84&gdpr=0&gdpr_consent=
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=5b57fd3a5a820740
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=5b57fd3a5a820740
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkZ4UHBXNzU4SVdKUFdsY1R0elUyUHhacHFETkFka25hc0lTWjBEemZPUU0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEJKiSz8bEE67-L_JaoDyI_E&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7074598175722257285&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
  • https://ps.eyeota.net/match?uid=ZbnTSAABW68TOwBK&bid=0rijhbu&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
  • https://ps.eyeota.net/match?uid=6626623700304249093&bid=2cr76e1&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:45 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Wed, 31 Jan 2024 04:57:45 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Pug
simage2.pubmatic.com/AdServer/ Frame EB05
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7074598175722257285&gdpr=0&gdpr_consent=&us_privacy=
1 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7074598175722257285&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7074598175722257285&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EB05
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e9c3b3bc-3705-4fd0-aff5-bb5f23b01245&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e9c3b3bc-3705-4fd0-aff5-bb5f23b01245&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e9c3b3bc-3705-4fd0-aff5-bb5f23b01245&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 31 Jan 2024 04:57:44 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
generate_204
tpc.googlesyndication.com/ Frame 5332 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F2s1kg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:41 GMT
expires
Thu, 30 Jan 2025 04:57:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tfav_adl_532.js
j.adlooxtracking.com/ads/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c126411169021a699eb16ebddcbb12f53fcb9a66007c85b474f81d77c6dd9aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1900
x-guploader-uploadid
ABPtcPqv_TPleR2bg-m-BGbLeQ_rF62BwSIxhSlZ4JGBEvM0K0NZuqPGBF82pcSIUOboNqYZdxaajlSlxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Nov 2023 10:23:31 GMT
server
cloudflare
etag
W/"debf2e7b81a350b1626854ba792819a3"
vary
Accept-Encoding
x-goog-generation
1701167011399040
content-type
application/javascript
x-goog-hash
crc32c=sMbcXg==, md5=3r8ue4GjULFiaFS6eSgZow==
cache-control
public, max-age=14400
x-goog-stored-content-length
76735
cf-ray
84df602528174d55-FRA
expires
Wed, 31 Jan 2024 05:26:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5CE5 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5938186&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 04:57:43 GMT
content-length
47
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7293 		632 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 04:57:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D8CD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8CD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGqgUPmPk1CQ3mupDQDB2srnEIMcUA7vgviPYSAcKVsLV3v0-0_Okqq26oGPX9eA2PROkC5NgmvOKc8mJxWwx15W6v74jw-qAp-p0AS8oXbdG438E
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D8CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
35090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:12:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D8CD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
18947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame D8CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpsRNV3-As3D91P2xQzQAwMXA8cRDHl8IppAndj1mdj_6_EwQJTCUWS7L9K4VS509oD_li8_sgcS_aA7wnTQwipV-fkQ
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D8CD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:57:44 GMT
ic5.php
data00.adlooxtracking.com/ads/ 		88 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=1193&client=and_beyond_media&ts=pg-6824~1_fo-6824~1_vpw-6824~1600_vph-6824~1200_scw-6824~1600_sch-6824~1200_sco-6824~1_sca-6824~0_srx-6824~0_sry-6824~0_ev-6822~sb.6824~rp.6824~rvp.6824~rap.6829~ss&att=0.0.1600~1200&visite_id=38194691678&seq=0&timezone=-60&js=tfav_adl_532.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=andbeyond3001&id2=%2F21751243814%2C4899711%2F640822-300-250-1&id3=0&id4=0&id7=300x250&id8=https%3A%2F%2Fwww.sanook.com%2F&id9=CH&id11=%24ADLOOX_WEBSITE&p_d=0.007&tc=&fai=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fwww.sanook.com%2F&activetab=1&cf=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/ PHP/7.4.33
Resource Hash
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-79c7777877-gfg2j
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
setuid
ib.adnxs.com/ Frame 7293
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF9SUTIN1jJVbWFbmdshfWY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF9SUTIN1jJVbWFbmdshfWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
an-x-request-uuid
83b769b7-060b-4be6-873c-7139a0d5ddec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF9SUTIN1jJVbWFbmdshfWY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7293
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjYyMzcwMDMwNDI0OTA5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjYyMzcwMDMwNDI0OTA5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
an-x-request-uuid
cc4bcaf7-c8b6-4b7d-a64d-b0dab0bc63f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjYyMzcwMDMwNDI0OTA5Mw%3D%3D
x-proxy-origin
149.88.27.84; 149.88.27.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7293
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPZ2bdZtvxV67QJ6NzWTyP0&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7293
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjIzY2JhMjQtMjE5ZC02YTkyLTc2MjEtNjBmZjk5MzIyOWNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjIzY2JhMjQtMjE5ZC02YTkyLTc2MjEtNjBmZjk5MzIyOWNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhjltZuDAjAB&v=APEucNXTx12Cl5eLJf0zvkGD1UkAzYmKY9yczIVMDBuB-68S6U4CSliIRBCVbmipYz20TBD1OmI67oQpeHT9kfDDvi-QhI9gbWt6TKhGVVSuUg6JWsNuzl0
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjIzY2JhMjQtMjE5ZC02YTkyLTc2MjEtNjBmZjk5MzIyOWNl
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8CD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6058354710037&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8CD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6058354710037&version=m202309260101&ct=119&x=1&cor=14503066586972058000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D8CD 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqAicVuh8DuNGcOeZ3n8g-eJ8yFN6rwQHvxwpxbdT6qXnbj69_bRRSEFLMdifJWM5sM6JNGo4325IAHlKDyUuSz4giJtf2qTlMirHsR-DcXJCoDyzJiP6sddnP2wG1iUGkk-4j9JF3BMagtRUy7TXeruR_AovyaQt6sZFIUeFUGacGI9XR-eXAmcxmRCtlsHkz9toi&cry=1&dbm_d=AKAmf-C1M1AskEi0F6fFaPFgH6elQhouLeRL-h-KaFxoLxivYybdJTxt1o66AfHSWbAQuu5S5R0aKw3wXeY-op1fYWD5Dyi87Q6aPsRiEgfeSFLgZ5xRU7a8z8P41eRFuEd50TIiSWANDaZ70Q6Y0OG_Z7nu9fN_WImaKEh2r0BGaWEWI1hHbZg6jD0JUpMEDDc4a281ONDqVl7fqPZfFvwJsZ0xRQe_2gFRPRoMPp8CAYGy8Vd5Tx-R3qHFiLQ46oj29Tt4nAH4zZv4M4TWpqtf9IvxBd3EHkSP22DkBuxEJmvbT2Zo4isfXU__mAypQU9Y9SbSYc6nxg6t_eP4slkTtOY1tlXFb0Ae9HnLfMxapeTSaLx0GWl9iiVccZ-77sxPD_UByv4irkfJOydgyo0jV1v6w6gvpRIJoldwqSHwxjGrpK0HRyaTgDY_xjZbr2TJ_g-UTZ-n7XM0bLLRjo6NxnlNPWiLSWCPY8reM8rDImVMGAk4nepI2XpOH-ozRXxPGPcAicftAVcwtf1RAxa8QHi-gDlD5zCqbuovVttqO0Vsmk8aiOPQOVK1w9aQwvEoAWAM8d0RR4WNUWPEedX0H5F-ZddYQJXaHMkcfNbqwQIBydmo09f8PxM8znxfJveD0TjZQJzge5_xELFWe1-gnDL402O3huZdjsDql-EZko_alR6RFp4NocW_kyNvgeScCFI7crYk_tDs2whwBVy5pQNFpd2GXxDgBrZH08Tm4NlkSFTvwpGG1j4MA3wW6F03SEa7TSKz_6YI_WnFBvdeYC5jAp1TTcHSaLTMf4VrJ4986GXpbRK7NXgc09R3PRwmoKPd9zEicVTpj5NozVW1qbkSYvHyUao5C-clC9spPJwMj6A6tcjr44ZjTrJhCHnVPLR9-e6_Jgh00c6cLmiQQrXlRJ2pV0j6Cyy_t8QyYBdV9qXXl2HdV4vp5gPsRR2tXYhDC-wvbR47DQvxw4-Q2QfGTkenusEZEQDiYUO7FVEbkSfc9LqbGFw4_MvEAce2_a1KlAe7MCn_2AuMBGVdOar0jer2lVflI2KSE-LEFmEqsSQChMJ9bECy03HnXuVGsDOjFrKEszNs_mk79UP85RePde6kqHEBwTKI0VcYPDrGyLjzhj4aLvuRxwgQ40MLJFIGQcy52MX8CaPh4n-PZLyWKG8fiyWv5G5jAx1RyYSS-ZMZ42Oo9JXZQJ3Idp9eXHaDVCLMVGVNrTOIw7Z_u6smEd0tApoD2o6XGISxXxTCYO3oIQEJveIqR4hBrfCR9ZV2ZPspGgiko8x9SABreUizJ9s2OLy8Ub4r6G27pwsviO2QL9pN9KriufjiJYTU8IZogZG977tUx0WjnIm0LdlfnVJk-rBxKe0krUFS3ITEU8vxhbY4Rybw1qcnagxSruLVLsMuDZNrHwLJe4FYpQlztibnxONyCe1sIL5eQysKOCV2u0fCLd2-iXzLW5sm19BX5zk63smk_mhnL0BOy5mp3nEwOWMzyoQMrrPyF-95LwGabumqDxDUwwak-tcqlk1XRPQUEs57Wc4jmB8PTJNFhKl3-12JVl0oUScqEfNgDJwwzp0N0kxcyE2zVnp--M8TNDGVlLmkcsj2_Y4FetXegArGmABH9Jm-_A9h8nFHoV-2Dq7E7FIkcz0-yFYbbAGtLhFL9p3M3Fe7V6KKlcD7XK7V6qGMx6TKZqDW3yQe7ZluDrPpw3rZ8pfOd0I4MEEm-js3sUnQp-QbmZJOKJnDQpgGn_vLf18gr6IILDFj2urCZPypu3JBPZj_D8mqojg0VO7FBXvGE3AL1uy1V4Xc9TD5-7CsXzPQ7swDTmajrgoRpetTQ5Hzd4K0ImQWL-nK-a7RGt3v_cJ3m1gcxNMGgNEH3OCiKxkahEg1PQTBExtEpxrIiBkwTftBtQVG-c876aEIxrZwiva5BN634yMYXaeTqaUEhCrmDGqvSKRns1gdjtMFwiZ23z4CkH5EM0LrBEtIM9FyIxoRL2AMkW3T9H6Jo_raUNQX6MVKSDGstO7d7fquRWDe3nAIUECI0lM12svx5ByCnfqS63aRfdGP6TusDe7JMbp2s5QrRJvg2b3_vWwxRGr22-nkk_K_AOTEeKFmputegPOaW4ZjL4qnzbvWJR8lcvlNQwB60Y2yYYZCihyJZkI2UfXYCfHezaTQ8bahCP1fpozhF6xx8dGnecFweosmMdBxfyl4Txt8f4IcQZZCtEHSc9Bk0d8-al1zOa9QhUcFr5RfN1M1mbgP6V2aoLIWl_PobhhJ9DWrlYl2oQldq7xhFYlFB_u-WETIIpMwnP0A59iss7Odeba2qAFKlXtg_aM2Ym5JMWG3fV9LqVwImEO2_oIb9yiCvHH1_K0YItA03vAL8IA_DnnjvbXLABpRkW67gT1c3Hp78jdup9NhoMV0R4eojQdkz6ffy99oz4W05GEb_CwEtJ7UHPfW0D8kYk-m9feD7QRCaSMC3rWAe-E6YVAV1AjoH_jwvL1n_03Qd_e434QuVuXX1_Yd-U9oictYN0TEvzjb0E6fUyQAS-sdK_UZO3bsa_rmvdwduFxOwekDEAQT8KfXCxjlDB1SuPr-7luFzW5t0rjMTuLJDojgv1iLRV6rtNO3mrJdgcV8ByXCdNc8-wvu5o-pCMepHA8JHvXWrZocl5nCiGT1_Y2ORgDvUE_iM9Laex5WH1vRY8efj9CJFcGdk02Ma1GQcmqGR3t9hlFJ-hh-qAyOdIs4VIB_owB9eLsopfrPrQcthTQcqUGe-hvLfSxB2sfKpCu9ECzdq27ygnRc9Y-EsCLZmEjmlQXBJbG1x9U8YJxn2W5amd_Eq180UDdDA1Up4BWy3yvWAhgcqtRvGmM06CBmSie1yLtVCUzCo30E6EQIH3Ld6Qmtx1iec0CgOJomhfXcMJD-ILmx5_dLgT1Wc8KIiU56AqO4VysMgmCULxzlwi6r7dj9BbouVCs7EXnD2L982uaUyMiX40tu7RF23XJhdpsLMcY5I0FXZ-aQz8xi7Uuxr_A39iCUoZQ8cM6L_WU9ZkNdIo9ea5Y51EBW44aDwLNk3S5VBiQnbdAUSKcSr4fHjzIWarc9GBnHp0D7Txs-MlXAMj8jYd9NxDuq6OnTIc6gShZiIC9dJKAeLVvh8ClIagEMe6QSDD4Vtu474jHhl1E4ygOcQ1mwTKLTd1lTtTi1J4uRkHlyCcD_H4RJ4WJq6K_UnJ87KBRjQOfZsOo9psFQcx2QEuua_0q_2SDeRaVMlo2p9SRzDZTbxVYVqc79ipfQ9dv7HnmdaptuP28kl7rB4oo4DaueegQoT4uJMozIY52DXqDKBbDMC5qrsBYhKJLP4w1I3yNznjgtd5Q5E5U6l1WjuKX8896vsgE3UV1_7_Y5dfh8VZ2RiGqH2XHI2iRzI9-WidYgvVYegg7lKrq1MHmmQZ1jBioOIbvDsghMGA90rpB_V3g9LkdO5yjtE5iMtuT9_Aeqr2uhMvbFPHaXw1zEDaele92uDBV2tRM4zbr5W6cUGyzLHNVe3oSzRxW_TxRTpNRqYqS2XDP9s4OhM4A1afqLMipfmlp096P0O9OZ6wS6YEdy-aiVB00oOQSt-NC0deEkYc9uIEfwtAq5iFmWEKS52m8bCWSo9gMlnQBLpK-XdorTKpmECiA0McrgLabBFKf3y5EGmGc6ZC50xOyB8b3voj5kwEHaZpPH-1-s3n146IE7dRTGvSQH84fR7BFH6Iix5qKlrvjO1CHRg2cruAWdBUmg561uoZcxX7m5KWPz_saV2JK3D3wrdsj_BdEnBNZPoZol7igNiLw5NEszDVfvpHtaw0Exs0NwbZ2cKJDO45VkJOtfObHNifOA7Wul-wq2L6B7kFTTXrbFrp87E0VWbStgVyiE7lsswc-Q9fm7Oy6mqiVZ14Kz4rK7IobCUr3etcnO9EgaaqMMnHldnEW2ocxjnK562g88lZCCWJrLKrIbpOu4g_bmdAVWCy0IB1m4N5kUhFXJrVdKmHM-rm9atuvdhiTP9-0QrqrKQIZ4hobT71Wa24sCxDrVgVowZBrXeVo2BoLXn6iueOp4cZtBdScDEYmyEDjdHmJTg-T9n08DP3DMJQdzIhPYF2Kr-LiouBpWvB8GQ0FXUiPQBbBNExxCRhVTqc7G6j_YjqnVfxfdpjTy8mBS0pXsUV0Z7qkJGw&cid=CAQSOwAvHhf_XMJMYQnlkTtc4oDfYb6PmLtHYwE8LH5fbAGy6pbzkjUwk4qgxglrOfT-2cvbYcftn6xWUqivGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=14503066586972058000&adk=1851774820&idt=77&cac=0&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4351466777b336b6ddbc423a48543fd869acac70ba47f2142461cd4ec67f8894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39101
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.57.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-57-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 04:57:44 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D8CD 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Origin
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Jan 2024 18:55:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame D8CD 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqAicVuh8DuNGcOeZ3n8g-eJ8yFN6rwQHvxwpxbdT6qXnbj69_bRRSEFLMdifJWM5sM6JNGo4325IAHlKDyUuSz4giJtf2qTlMirHsR-DcXJCoDyzJiP6sddnP2wG1iUGkk-4j9JF3BMagtRUy7TXeruR_AovyaQt6sZFIUeFUGacGI9XR-eXAmcxmRCtlsHkz9toi&cry=1&dbm_d=AKAmf-C1M1AskEi0F6fFaPFgH6elQhouLeRL-h-KaFxoLxivYybdJTxt1o66AfHSWbAQuu5S5R0aKw3wXeY-op1fYWD5Dyi87Q6aPsRiEgfeSFLgZ5xRU7a8z8P41eRFuEd50TIiSWANDaZ70Q6Y0OG_Z7nu9fN_WImaKEh2r0BGaWEWI1hHbZg6jD0JUpMEDDc4a281ONDqVl7fqPZfFvwJsZ0xRQe_2gFRPRoMPp8CAYGy8Vd5Tx-R3qHFiLQ46oj29Tt4nAH4zZv4M4TWpqtf9IvxBd3EHkSP22DkBuxEJmvbT2Zo4isfXU__mAypQU9Y9SbSYc6nxg6t_eP4slkTtOY1tlXFb0Ae9HnLfMxapeTSaLx0GWl9iiVccZ-77sxPD_UByv4irkfJOydgyo0jV1v6w6gvpRIJoldwqSHwxjGrpK0HRyaTgDY_xjZbr2TJ_g-UTZ-n7XM0bLLRjo6NxnlNPWiLSWCPY8reM8rDImVMGAk4nepI2XpOH-ozRXxPGPcAicftAVcwtf1RAxa8QHi-gDlD5zCqbuovVttqO0Vsmk8aiOPQOVK1w9aQwvEoAWAM8d0RR4WNUWPEedX0H5F-ZddYQJXaHMkcfNbqwQIBydmo09f8PxM8znxfJveD0TjZQJzge5_xELFWe1-gnDL402O3huZdjsDql-EZko_alR6RFp4NocW_kyNvgeScCFI7crYk_tDs2whwBVy5pQNFpd2GXxDgBrZH08Tm4NlkSFTvwpGG1j4MA3wW6F03SEa7TSKz_6YI_WnFBvdeYC5jAp1TTcHSaLTMf4VrJ4986GXpbRK7NXgc09R3PRwmoKPd9zEicVTpj5NozVW1qbkSYvHyUao5C-clC9spPJwMj6A6tcjr44ZjTrJhCHnVPLR9-e6_Jgh00c6cLmiQQrXlRJ2pV0j6Cyy_t8QyYBdV9qXXl2HdV4vp5gPsRR2tXYhDC-wvbR47DQvxw4-Q2QfGTkenusEZEQDiYUO7FVEbkSfc9LqbGFw4_MvEAce2_a1KlAe7MCn_2AuMBGVdOar0jer2lVflI2KSE-LEFmEqsSQChMJ9bECy03HnXuVGsDOjFrKEszNs_mk79UP85RePde6kqHEBwTKI0VcYPDrGyLjzhj4aLvuRxwgQ40MLJFIGQcy52MX8CaPh4n-PZLyWKG8fiyWv5G5jAx1RyYSS-ZMZ42Oo9JXZQJ3Idp9eXHaDVCLMVGVNrTOIw7Z_u6smEd0tApoD2o6XGISxXxTCYO3oIQEJveIqR4hBrfCR9ZV2ZPspGgiko8x9SABreUizJ9s2OLy8Ub4r6G27pwsviO2QL9pN9KriufjiJYTU8IZogZG977tUx0WjnIm0LdlfnVJk-rBxKe0krUFS3ITEU8vxhbY4Rybw1qcnagxSruLVLsMuDZNrHwLJe4FYpQlztibnxONyCe1sIL5eQysKOCV2u0fCLd2-iXzLW5sm19BX5zk63smk_mhnL0BOy5mp3nEwOWMzyoQMrrPyF-95LwGabumqDxDUwwak-tcqlk1XRPQUEs57Wc4jmB8PTJNFhKl3-12JVl0oUScqEfNgDJwwzp0N0kxcyE2zVnp--M8TNDGVlLmkcsj2_Y4FetXegArGmABH9Jm-_A9h8nFHoV-2Dq7E7FIkcz0-yFYbbAGtLhFL9p3M3Fe7V6KKlcD7XK7V6qGMx6TKZqDW3yQe7ZluDrPpw3rZ8pfOd0I4MEEm-js3sUnQp-QbmZJOKJnDQpgGn_vLf18gr6IILDFj2urCZPypu3JBPZj_D8mqojg0VO7FBXvGE3AL1uy1V4Xc9TD5-7CsXzPQ7swDTmajrgoRpetTQ5Hzd4K0ImQWL-nK-a7RGt3v_cJ3m1gcxNMGgNEH3OCiKxkahEg1PQTBExtEpxrIiBkwTftBtQVG-c876aEIxrZwiva5BN634yMYXaeTqaUEhCrmDGqvSKRns1gdjtMFwiZ23z4CkH5EM0LrBEtIM9FyIxoRL2AMkW3T9H6Jo_raUNQX6MVKSDGstO7d7fquRWDe3nAIUECI0lM12svx5ByCnfqS63aRfdGP6TusDe7JMbp2s5QrRJvg2b3_vWwxRGr22-nkk_K_AOTEeKFmputegPOaW4ZjL4qnzbvWJR8lcvlNQwB60Y2yYYZCihyJZkI2UfXYCfHezaTQ8bahCP1fpozhF6xx8dGnecFweosmMdBxfyl4Txt8f4IcQZZCtEHSc9Bk0d8-al1zOa9QhUcFr5RfN1M1mbgP6V2aoLIWl_PobhhJ9DWrlYl2oQldq7xhFYlFB_u-WETIIpMwnP0A59iss7Odeba2qAFKlXtg_aM2Ym5JMWG3fV9LqVwImEO2_oIb9yiCvHH1_K0YItA03vAL8IA_DnnjvbXLABpRkW67gT1c3Hp78jdup9NhoMV0R4eojQdkz6ffy99oz4W05GEb_CwEtJ7UHPfW0D8kYk-m9feD7QRCaSMC3rWAe-E6YVAV1AjoH_jwvL1n_03Qd_e434QuVuXX1_Yd-U9oictYN0TEvzjb0E6fUyQAS-sdK_UZO3bsa_rmvdwduFxOwekDEAQT8KfXCxjlDB1SuPr-7luFzW5t0rjMTuLJDojgv1iLRV6rtNO3mrJdgcV8ByXCdNc8-wvu5o-pCMepHA8JHvXWrZocl5nCiGT1_Y2ORgDvUE_iM9Laex5WH1vRY8efj9CJFcGdk02Ma1GQcmqGR3t9hlFJ-hh-qAyOdIs4VIB_owB9eLsopfrPrQcthTQcqUGe-hvLfSxB2sfKpCu9ECzdq27ygnRc9Y-EsCLZmEjmlQXBJbG1x9U8YJxn2W5amd_Eq180UDdDA1Up4BWy3yvWAhgcqtRvGmM06CBmSie1yLtVCUzCo30E6EQIH3Ld6Qmtx1iec0CgOJomhfXcMJD-ILmx5_dLgT1Wc8KIiU56AqO4VysMgmCULxzlwi6r7dj9BbouVCs7EXnD2L982uaUyMiX40tu7RF23XJhdpsLMcY5I0FXZ-aQz8xi7Uuxr_A39iCUoZQ8cM6L_WU9ZkNdIo9ea5Y51EBW44aDwLNk3S5VBiQnbdAUSKcSr4fHjzIWarc9GBnHp0D7Txs-MlXAMj8jYd9NxDuq6OnTIc6gShZiIC9dJKAeLVvh8ClIagEMe6QSDD4Vtu474jHhl1E4ygOcQ1mwTKLTd1lTtTi1J4uRkHlyCcD_H4RJ4WJq6K_UnJ87KBRjQOfZsOo9psFQcx2QEuua_0q_2SDeRaVMlo2p9SRzDZTbxVYVqc79ipfQ9dv7HnmdaptuP28kl7rB4oo4DaueegQoT4uJMozIY52DXqDKBbDMC5qrsBYhKJLP4w1I3yNznjgtd5Q5E5U6l1WjuKX8896vsgE3UV1_7_Y5dfh8VZ2RiGqH2XHI2iRzI9-WidYgvVYegg7lKrq1MHmmQZ1jBioOIbvDsghMGA90rpB_V3g9LkdO5yjtE5iMtuT9_Aeqr2uhMvbFPHaXw1zEDaele92uDBV2tRM4zbr5W6cUGyzLHNVe3oSzRxW_TxRTpNRqYqS2XDP9s4OhM4A1afqLMipfmlp096P0O9OZ6wS6YEdy-aiVB00oOQSt-NC0deEkYc9uIEfwtAq5iFmWEKS52m8bCWSo9gMlnQBLpK-XdorTKpmECiA0McrgLabBFKf3y5EGmGc6ZC50xOyB8b3voj5kwEHaZpPH-1-s3n146IE7dRTGvSQH84fR7BFH6Iix5qKlrvjO1CHRg2cruAWdBUmg561uoZcxX7m5KWPz_saV2JK3D3wrdsj_BdEnBNZPoZol7igNiLw5NEszDVfvpHtaw0Exs0NwbZ2cKJDO45VkJOtfObHNifOA7Wul-wq2L6B7kFTTXrbFrp87E0VWbStgVyiE7lsswc-Q9fm7Oy6mqiVZ14Kz4rK7IobCUr3etcnO9EgaaqMMnHldnEW2ocxjnK562g88lZCCWJrLKrIbpOu4g_bmdAVWCy0IB1m4N5kUhFXJrVdKmHM-rm9atuvdhiTP9-0QrqrKQIZ4hobT71Wa24sCxDrVgVowZBrXeVo2BoLXn6iueOp4cZtBdScDEYmyEDjdHmJTg-T9n08DP3DMJQdzIhPYF2Kr-LiouBpWvB8GQ0FXUiPQBbBNExxCRhVTqc7G6j_YjqnVfxfdpjTy8mBS0pXsUV0Z7qkJGw&cid=CAQSOwAvHhf_XMJMYQnlkTtc4oDfYb6PmLtHYwE8LH5fbAGy6pbzkjUwk4qgxglrOfT-2cvbYcftn6xWUqivGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=14503066586972058000&adk=1851774820&idt=77&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
81299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:22:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame D8CD 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqAicVuh8DuNGcOeZ3n8g-eJ8yFN6rwQHvxwpxbdT6qXnbj69_bRRSEFLMdifJWM5sM6JNGo4325IAHlKDyUuSz4giJtf2qTlMirHsR-DcXJCoDyzJiP6sddnP2wG1iUGkk-4j9JF3BMagtRUy7TXeruR_AovyaQt6sZFIUeFUGacGI9XR-eXAmcxmRCtlsHkz9toi&cry=1&dbm_d=AKAmf-C1M1AskEi0F6fFaPFgH6elQhouLeRL-h-KaFxoLxivYybdJTxt1o66AfHSWbAQuu5S5R0aKw3wXeY-op1fYWD5Dyi87Q6aPsRiEgfeSFLgZ5xRU7a8z8P41eRFuEd50TIiSWANDaZ70Q6Y0OG_Z7nu9fN_WImaKEh2r0BGaWEWI1hHbZg6jD0JUpMEDDc4a281ONDqVl7fqPZfFvwJsZ0xRQe_2gFRPRoMPp8CAYGy8Vd5Tx-R3qHFiLQ46oj29Tt4nAH4zZv4M4TWpqtf9IvxBd3EHkSP22DkBuxEJmvbT2Zo4isfXU__mAypQU9Y9SbSYc6nxg6t_eP4slkTtOY1tlXFb0Ae9HnLfMxapeTSaLx0GWl9iiVccZ-77sxPD_UByv4irkfJOydgyo0jV1v6w6gvpRIJoldwqSHwxjGrpK0HRyaTgDY_xjZbr2TJ_g-UTZ-n7XM0bLLRjo6NxnlNPWiLSWCPY8reM8rDImVMGAk4nepI2XpOH-ozRXxPGPcAicftAVcwtf1RAxa8QHi-gDlD5zCqbuovVttqO0Vsmk8aiOPQOVK1w9aQwvEoAWAM8d0RR4WNUWPEedX0H5F-ZddYQJXaHMkcfNbqwQIBydmo09f8PxM8znxfJveD0TjZQJzge5_xELFWe1-gnDL402O3huZdjsDql-EZko_alR6RFp4NocW_kyNvgeScCFI7crYk_tDs2whwBVy5pQNFpd2GXxDgBrZH08Tm4NlkSFTvwpGG1j4MA3wW6F03SEa7TSKz_6YI_WnFBvdeYC5jAp1TTcHSaLTMf4VrJ4986GXpbRK7NXgc09R3PRwmoKPd9zEicVTpj5NozVW1qbkSYvHyUao5C-clC9spPJwMj6A6tcjr44ZjTrJhCHnVPLR9-e6_Jgh00c6cLmiQQrXlRJ2pV0j6Cyy_t8QyYBdV9qXXl2HdV4vp5gPsRR2tXYhDC-wvbR47DQvxw4-Q2QfGTkenusEZEQDiYUO7FVEbkSfc9LqbGFw4_MvEAce2_a1KlAe7MCn_2AuMBGVdOar0jer2lVflI2KSE-LEFmEqsSQChMJ9bECy03HnXuVGsDOjFrKEszNs_mk79UP85RePde6kqHEBwTKI0VcYPDrGyLjzhj4aLvuRxwgQ40MLJFIGQcy52MX8CaPh4n-PZLyWKG8fiyWv5G5jAx1RyYSS-ZMZ42Oo9JXZQJ3Idp9eXHaDVCLMVGVNrTOIw7Z_u6smEd0tApoD2o6XGISxXxTCYO3oIQEJveIqR4hBrfCR9ZV2ZPspGgiko8x9SABreUizJ9s2OLy8Ub4r6G27pwsviO2QL9pN9KriufjiJYTU8IZogZG977tUx0WjnIm0LdlfnVJk-rBxKe0krUFS3ITEU8vxhbY4Rybw1qcnagxSruLVLsMuDZNrHwLJe4FYpQlztibnxONyCe1sIL5eQysKOCV2u0fCLd2-iXzLW5sm19BX5zk63smk_mhnL0BOy5mp3nEwOWMzyoQMrrPyF-95LwGabumqDxDUwwak-tcqlk1XRPQUEs57Wc4jmB8PTJNFhKl3-12JVl0oUScqEfNgDJwwzp0N0kxcyE2zVnp--M8TNDGVlLmkcsj2_Y4FetXegArGmABH9Jm-_A9h8nFHoV-2Dq7E7FIkcz0-yFYbbAGtLhFL9p3M3Fe7V6KKlcD7XK7V6qGMx6TKZqDW3yQe7ZluDrPpw3rZ8pfOd0I4MEEm-js3sUnQp-QbmZJOKJnDQpgGn_vLf18gr6IILDFj2urCZPypu3JBPZj_D8mqojg0VO7FBXvGE3AL1uy1V4Xc9TD5-7CsXzPQ7swDTmajrgoRpetTQ5Hzd4K0ImQWL-nK-a7RGt3v_cJ3m1gcxNMGgNEH3OCiKxkahEg1PQTBExtEpxrIiBkwTftBtQVG-c876aEIxrZwiva5BN634yMYXaeTqaUEhCrmDGqvSKRns1gdjtMFwiZ23z4CkH5EM0LrBEtIM9FyIxoRL2AMkW3T9H6Jo_raUNQX6MVKSDGstO7d7fquRWDe3nAIUECI0lM12svx5ByCnfqS63aRfdGP6TusDe7JMbp2s5QrRJvg2b3_vWwxRGr22-nkk_K_AOTEeKFmputegPOaW4ZjL4qnzbvWJR8lcvlNQwB60Y2yYYZCihyJZkI2UfXYCfHezaTQ8bahCP1fpozhF6xx8dGnecFweosmMdBxfyl4Txt8f4IcQZZCtEHSc9Bk0d8-al1zOa9QhUcFr5RfN1M1mbgP6V2aoLIWl_PobhhJ9DWrlYl2oQldq7xhFYlFB_u-WETIIpMwnP0A59iss7Odeba2qAFKlXtg_aM2Ym5JMWG3fV9LqVwImEO2_oIb9yiCvHH1_K0YItA03vAL8IA_DnnjvbXLABpRkW67gT1c3Hp78jdup9NhoMV0R4eojQdkz6ffy99oz4W05GEb_CwEtJ7UHPfW0D8kYk-m9feD7QRCaSMC3rWAe-E6YVAV1AjoH_jwvL1n_03Qd_e434QuVuXX1_Yd-U9oictYN0TEvzjb0E6fUyQAS-sdK_UZO3bsa_rmvdwduFxOwekDEAQT8KfXCxjlDB1SuPr-7luFzW5t0rjMTuLJDojgv1iLRV6rtNO3mrJdgcV8ByXCdNc8-wvu5o-pCMepHA8JHvXWrZocl5nCiGT1_Y2ORgDvUE_iM9Laex5WH1vRY8efj9CJFcGdk02Ma1GQcmqGR3t9hlFJ-hh-qAyOdIs4VIB_owB9eLsopfrPrQcthTQcqUGe-hvLfSxB2sfKpCu9ECzdq27ygnRc9Y-EsCLZmEjmlQXBJbG1x9U8YJxn2W5amd_Eq180UDdDA1Up4BWy3yvWAhgcqtRvGmM06CBmSie1yLtVCUzCo30E6EQIH3Ld6Qmtx1iec0CgOJomhfXcMJD-ILmx5_dLgT1Wc8KIiU56AqO4VysMgmCULxzlwi6r7dj9BbouVCs7EXnD2L982uaUyMiX40tu7RF23XJhdpsLMcY5I0FXZ-aQz8xi7Uuxr_A39iCUoZQ8cM6L_WU9ZkNdIo9ea5Y51EBW44aDwLNk3S5VBiQnbdAUSKcSr4fHjzIWarc9GBnHp0D7Txs-MlXAMj8jYd9NxDuq6OnTIc6gShZiIC9dJKAeLVvh8ClIagEMe6QSDD4Vtu474jHhl1E4ygOcQ1mwTKLTd1lTtTi1J4uRkHlyCcD_H4RJ4WJq6K_UnJ87KBRjQOfZsOo9psFQcx2QEuua_0q_2SDeRaVMlo2p9SRzDZTbxVYVqc79ipfQ9dv7HnmdaptuP28kl7rB4oo4DaueegQoT4uJMozIY52DXqDKBbDMC5qrsBYhKJLP4w1I3yNznjgtd5Q5E5U6l1WjuKX8896vsgE3UV1_7_Y5dfh8VZ2RiGqH2XHI2iRzI9-WidYgvVYegg7lKrq1MHmmQZ1jBioOIbvDsghMGA90rpB_V3g9LkdO5yjtE5iMtuT9_Aeqr2uhMvbFPHaXw1zEDaele92uDBV2tRM4zbr5W6cUGyzLHNVe3oSzRxW_TxRTpNRqYqS2XDP9s4OhM4A1afqLMipfmlp096P0O9OZ6wS6YEdy-aiVB00oOQSt-NC0deEkYc9uIEfwtAq5iFmWEKS52m8bCWSo9gMlnQBLpK-XdorTKpmECiA0McrgLabBFKf3y5EGmGc6ZC50xOyB8b3voj5kwEHaZpPH-1-s3n146IE7dRTGvSQH84fR7BFH6Iix5qKlrvjO1CHRg2cruAWdBUmg561uoZcxX7m5KWPz_saV2JK3D3wrdsj_BdEnBNZPoZol7igNiLw5NEszDVfvpHtaw0Exs0NwbZ2cKJDO45VkJOtfObHNifOA7Wul-wq2L6B7kFTTXrbFrp87E0VWbStgVyiE7lsswc-Q9fm7Oy6mqiVZ14Kz4rK7IobCUr3etcnO9EgaaqMMnHldnEW2ocxjnK562g88lZCCWJrLKrIbpOu4g_bmdAVWCy0IB1m4N5kUhFXJrVdKmHM-rm9atuvdhiTP9-0QrqrKQIZ4hobT71Wa24sCxDrVgVowZBrXeVo2BoLXn6iueOp4cZtBdScDEYmyEDjdHmJTg-T9n08DP3DMJQdzIhPYF2Kr-LiouBpWvB8GQ0FXUiPQBbBNExxCRhVTqc7G6j_YjqnVfxfdpjTy8mBS0pXsUV0Z7qkJGw&cid=CAQSOwAvHhf_XMJMYQnlkTtc4oDfYb6PmLtHYwE8LH5fbAGy6pbzkjUwk4qgxglrOfT-2cvbYcftn6xWUqivGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=14503066586972058000&adk=1851774820&idt=77&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
35955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
cafe
etag
10551285868935850944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 18:58:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D8CD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
35386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F819 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D8CD 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
507a9f376dfa7ad48d864182db28f05da52f796c16cc0291fbea9291713a931f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 78A7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
35366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame F819 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ9oMuTiQ8kqyWxoKNavLwA&google_cver=1&google_push=AXcoOmTD9vPy_qOCvTX9kz_nYg-U6aTLIu08W339EftDrNKv2GJJzQpnZ-hVKD4De0kPxKP0b7FeaoNT-em8osGOEdRPCQTiKcFMrg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTD9vPy_qOCvTX9kz_nYg-U6aTLIu08W339EftDrNKv2GJJzQpnZ-hVKD4De0kPxKP0b7FeaoNT-em8osGOEdRPCQTiKcFMrg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84df60268b976969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKRYFt2kMhmnJAfE6pGCDog&google_cver=1&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZz...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDEyMjE2MTgzNjE5MzkzNg%3D%3D&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZzDfry...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDEyMjE2MTgzNjE5MzkzNg%3D%3D&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZzDfryC4VK4yxqsYbQ
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDEyMjE2MTgzNjE5MzkzNg%3D%3D&google_push=AXcoOmRO4FcCUCQSK9I5mi80DqvJEEN0Y7YSrpZb73FO8FuZp1Pc56WGNS1dRqnwvgZDFGxjBVzEiUIiB6VMZzDfryC4VK4yxqsYbQ
Date
Wed, 31 Jan 2024 04:57:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT2df...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-X46T7ezSdvYUt1CVfsX1iKRIp3tlKA5kqHVHtA&google_push=AXcoOmT2dfgCK7-UYiA9X9_rOKbSRTLBolAMmvhwo3Y3cUmihoWy3DsMz7Sb_BUDc0ErWBecHAHgppik29MU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-X46T7ezSdvYUt1CVfsX1iKRIp3tlKA5kqHVHtA&google_push=AXcoOmT2dfgCK7-UYiA9X9_rOKbSRTLBolAMmvhwo3Y3cUmihoWy3DsMz7Sb_BUDc0ErWBecHAHgppik29MUZq3WU9IURbSc5dWW2Q
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-X46T7ezSdvYUt1CVfsX1iKRIp3tlKA5kqHVHtA&google_push=AXcoOmT2dfgCK7-UYiA9X9_rOKbSRTLBolAMmvhwo3Y3cUmihoWy3DsMz7Sb_BUDc0ErWBecHAHgppik29MUZq3WU9IURbSc5dWW2Q
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
619102
content-length
0
expires
Wed, 31 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOxK7NKKh1g6kqOqRtfuBn4&google_cver=1&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsW...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOxK7NKKh1g6kqOqRtfuBn4&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsW...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs&google_hm=Y1ozR1BrUl83MmkwM29z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs&google_hm=Y1ozR1BrUl83MmkwM29zREFFbFo=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTdymYT70xrnYg-iOw6Cu6EMrC229FHfo2JpgmpmTqlh8L91cOJAqKZGB2tXS0_7h-00oQnVwESf7QsWIkKiUO6vjkePtFs&google_hm=Y1ozR1BrUl83MmkwM29zREFFbFo=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRw6209LZIGYZFv14jeI-YfvgzhX6N40jhmWlkqkdqr3VaGVV6m1qRsDcK7cvgk-P_mprKxXGDVH_bCDeoWaOOmcVTM9bFTvw
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q5eUBU7yT_eXuwWYQNmahA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRw6209LZIGYZFv14jeI-YfvgzhX6N40jhmWlkqkdqr3VaGVV6m1qRsDcK7cvgk-P_mprKxXGDVH_bCDeoWaOOmcVTM9bFTvw
date
Wed, 31 Jan 2024 04:57:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
sync.targeting.unrulymedia.com/csync/ Frame F819
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAYOKg5IqXFqL-lkig-JJro&google_cver=1&google_push=AXcoOmQJ0EY4LVCpwbUxXyXuQj15bvPLCyyDeAH9YgifLIVjO7lUN540MSP-yPFLY17xPOmQ91bue2SZDKU6f8FR...
  • https://sync.1rx.io/usersync/smaato/df2a3a0eef?gdpr=0&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
0.gif
id5-sync.com/i/495/ Frame F819
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJ2c11eaVj0slYbCqmo9XhI&google_cver=1&google_push=AXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr931HpfIXDw2m5A_4wOVeHzpuZBpUO3X_Oqxb_65Ktyd-uZpsYgM9yDkM
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr9...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr931HpfIXDw2m5A_4wOVeHzpuZBpUO3X_Oqxb_65Ktyd-uZpsYgM9yDkM
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 31 Jan 2024 04:57:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Wed, 31 Jan 2024 04:57:45 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTUfZRlCG3xL2UBweYIjNtCFqGAre4zhP1dDnS7cIr931HpfIXDw2m5A_4wOVeHzpuZBpUO3X_Oqxb_65Ktyd-uZpsYgM9yDkM
x-download-options
noopen
vary
Accept
content-length
274
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame F819 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiMYrMFpnHSOwM_gz2chOuYPIPZrd5iTPjB5xGX9vG6g3zr0wVGiH27VW3cS-5pqH6qEyzEw
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 78A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
50354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
index.html
s0.2mdn.net/sadbundle/14259855386497574395/ Frame 0BE5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc95e37e25aa907eff30792481ecd423daef24262399e6af31e17d96a23c6345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55903
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2119
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 13:26:01 GMT
expires
Wed, 29 Jan 2025 13:26:01 GMT
last-modified
Mon, 08 Jan 2024 12:09:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D8CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvetz5K6HetaSRPc94-CoR_Z8piE39RVi4uOH7wQPkk6PWSJ11h3xMURB4EcH2oRhPedEH5pUbKPQGhaJlnRdGFI9FkWbfih2NPE9x3eTu8LpAt377Ml8pUPDX5tzfZHQ7a9JGSOn9gacNzV-n68kMfqJZVERISfxkWAb9pcMvYf_I-D3e3hjRnuEnk_AkP_uUijoIMn6ZjhyKp07X-nZcxAq5RG7DdobCmd81wvyIKLPmZ1I5Jm-K47dzjuDcFZrpaVnI6qClKs2OOGA2jmCbGXLRDr2JCGJJS-6KnFgbXPh8Kszgub0hpy5NsAzcJXCmimPHBDPH-_QM6GFt5JDIkLyigLASiAILoAhPEAQwy5RoKZRYV9ISFM-V4qX927MU-hoJV-hrSU5dJZZd0mBccmJXJ20TwULjLXOPLvyyHl9RON1syQsxvc2zqxuWey5G7bmfhV0tc-bMMOXd74ws_PGEF8UMTdwp8dvZT-jvT5Wb9Xbv4GwLjR_oMGCsMuZeJ_YCv67ijXGpTe7E4l7fbHPRuPajsTsOgaMONv7c0XeP324HihEImbPW85DOz1qGhdiF1OzU83aaUJjNUJJJoCMtumuvbuDWVco3XG63wUNdNl-y051iYDnMOjLkKgXU3EI-hGW35_qeEUSeOVK_ZUdYcZBlgXeNSfrOixvBlMfRBFbSerU09VVu-rMfnXnjmbjZ2iaWYo7bXaiZiF9pvKO1LsZmvfI39KsQ5_kYHyBVVyQ3GTCotGFEtXrs1hBc2yCVqTrfyeGMMtsR2AkVxwLMS3wr_ZcVRAgzz5wNWO7kzst9DminvgBjRYTIalDaMZSwi8o2PCkuG-FaMzd5dXnja04cetHk3LVw1R-L31Wjew-yjPo6352IzhbRuI4u5VYHgmj8J3-JuBqLz5cvl7QV-GoAz92MyJgBsfJAP0o166C90uXcNbGB4k0XSHuS9MFV39_u3R_9AAgmotSYzWPw-hPHFvb7P2nR2lGc2OmVccdv4rLPssO5SHsV64I8GQgstPtJBXS4mr6A8DILwDpDcXPzf8Om3_2AB06TWbK4CkEF-5Kf_ZbnXJKZhTYzTXkWqtOVI6P-E8mTCDx4Jn7ahtb6V-ywQMwK4GOdPcEFK5bK7juX8_b9j-JFG9--IT_r9s2uMyC986y3MziYgRIKHSF6akW3EpltHxaC3PypyfOPr1gzuekYgqwdeh4xxy1ksj_hqivIXfMsLqBwq-l480_qXhLM3jncyQ5ese8KR5v9Oi7ylb4MtVta7FZnHBUCv8iqEgJE_HeMCpJbol78tnl58KKbGMA7Xmi0VWaGKcRU1_UIKJhE6EiOlntWuOUrYg0mFCsa2kiNDnBuUqTWsXdvJXyYPQ3s52-qjPUPOlLz_L3X7Ej0CNDMW3U8WSt1t66peP7-phsetuzAlVI0AWTc9pa40cNtTr8Sb4vGLjHmQ-KHyyvFOaboJqSPEMvEyQGQLk__jaKS3qHPDsnARHC6vecDaFhdqxqs8YLnxcpha&sai=AMfl-YS_QbMrJpXnbzijqa9JR6pmVG9sY-O47yZg00L3rzU75JNwVLCGDxUgwb3unK3iuS0axbUUczJjBWSfoeSW5OnaAqX4VyGJKW8WURNLdwTryV28jcjTEyRbNlUBd7os0q41GN0ygp7XwjSAipt_WpIOkgGfe8rCvmtISVZRBX_XFFhmLQ5iO0reR-a4FxZTHbK9y76LEXUHjX94j77RZjEGbr9FUvFVXtZQdkJ98xQWudSnHtRYpK19BVLrPDoXvVjL&sig=Cg0ArKJSzIZdKrX472QREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=95&cisv=r20240124.25168&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0BE5 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Jan 2024 04:57:44 GMT
vF300x250_Wingo_BFReuse_Europe_de.js
s0.2mdn.net/sadbundle/14259855386497574395/ Frame 0BE5 		34 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14259855386497574395/vF300x250_Wingo_BFReuse_Europe_de.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec47ad54d1b82002bbc9f80233d898e1093a9223028dd4796f7f4933406ec476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14259855386497574395/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:51:58 GMT
date
Tue, 30 Jan 2024 18:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36346
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23028
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 12:09:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 78A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BctaESNO5ZZnzJZafjuwPgfSh2AIAAAAAOAHgBAI&bg=!ra6lruHNAAa8BdJLnAU7ADQBe5WfODi8fTzQwkEvfpv90CE2Ma6a60F8sarRoex1u5N7SzGU4z5VGyij3u5h9XZXbLf3AgAAADhSAAAAAmgBB5kDGfem3KvpgoOHoZR9EK4gqMOV5V2ifi22TAs49inXMAONy_T3smxMnhFhr1vPUYuxOzlDDxAtpQnt69OQYX0o2WJS0QOWGhMyVBC61EeoW_Rn_j0IFWTyZ6wLaw1xNjot9-NMaiJn08FdTLe6CIb4BSCrc5WpOFfQNt1LBFdPUQwiwRaMFDWMx5Qbi267S5DV4OnQMxw2bTgbmQP92oPo-CchoZVdJm8dd847PJFa0r4Mw4g1bo3EmQmG5rgTPTzCG9R7ttgFHk4dpe4ufkjcLtRsy_BtIY8tkwXv-sxGfNQJP4HxnHNeS8UlDUyHs2uwqJfuhLU8pmX3DcNKRGrquGy1EMy8KJmkb0zPF2HWQBaqPfB61s4VRgTAmkPlqrb7uxU8wcEIt8EZCADSQ56V_d17viwKm8pXLlaY6en8iO7jc4-hivuUOydmhJtLO6oVfM9JKlaJ1gmyR6ijgdT6241URr16zmj-WsqwtBHFZW9j5ae8GbfMG1unRZJc4cR_WdUul_89n_bwbz4dh-7pQOcp94AmHBon1YTW6moh1yeVIBeambIvbh9UWdOonY-JH2TJ37-vxU1MKDg0ZZ_3TsUkd_E1lULJYMRUE-0NlWDbhRaiP8iCqgP6PTy8uAlLz07cW-PCPwr17jv2uNtWwMw-1GNGFRvZEAFzNIwjx598ECR83rmhwmBYDQawCbiFe3og4dF1bCDLn21EKvrepywhNYn2GF-p1UAOiQFitkk4-dkytoGd2XCr7N4vamTA7xtFQ1qFy-MqyiJsPOcO8uI9uKa-oOVS1NO-8GgGbmI1QWdg0NTydwrgs4-Fa-4JzQ9Q0mMhDoKnXXCDJJbPyVEteLxtzCw_c8eet1mzHCKMaDQ_2PCA2qUePU-vA9jnSE8pMMwDFk2VbyI7Sfp-FORr8-SgmCbAHG_2QO87VM5CL1x0QR5GNMFeXOh6slwwKdv5hHhnntiWeHcq15jC-n-8nDADzkjXlyKqLJqWLBxpletLdF5A1ABIMqBwt7aGkZnWSIaRTJ5dQfIbZCZp1lLPQmrMVyK68b8
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D8CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvetz5K6HetaSRPc94-CoR_Z8piE39RVi4uOH7wQPkk6PWSJ11h3xMURB4EcH2oRhPedEH5pUbKPQGhaJlnRdGFI9FkWbfih2NPE9x3eTu8LpAt377Ml8pUPDX5tzfZHQ7a9JGSOn9gacNzV-n68kMfqJZVERISfxkWAb9pcMvYf_I-D3e3hjRnuEnk_AkP_uUijoIMn6ZjhyKp07X-nZcxAq5RG7DdobCmd81wvyIKLPmZ1I5Jm-K47dzjuDcFZrpaVnI6qClKs2OOGA2jmCbGXLRDr2JCGJJS-6KnFgbXPh8Kszgub0hpy5NsAzcJXCmimPHBDPH-_QM6GFt5JDIkLyigLASiAILoAhPEAQwy5RoKZRYV9ISFM-V4qX927MU-hoJV-hrSU5dJZZd0mBccmJXJ20TwULjLXOPLvyyHl9RON1syQsxvc2zqxuWey5G7bmfhV0tc-bMMOXd74ws_PGEF8UMTdwp8dvZT-jvT5Wb9Xbv4GwLjR_oMGCsMuZeJ_YCv67ijXGpTe7E4l7fbHPRuPajsTsOgaMONv7c0XeP324HihEImbPW85DOz1qGhdiF1OzU83aaUJjNUJJJoCMtumuvbuDWVco3XG63wUNdNl-y051iYDnMOjLkKgXU3EI-hGW35_qeEUSeOVK_ZUdYcZBlgXeNSfrOixvBlMfRBFbSerU09VVu-rMfnXnjmbjZ2iaWYo7bXaiZiF9pvKO1LsZmvfI39KsQ5_kYHyBVVyQ3GTCotGFEtXrs1hBc2yCVqTrfyeGMMtsR2AkVxwLMS3wr_ZcVRAgzz5wNWO7kzst9DminvgBjRYTIalDaMZSwi8o2PCkuG-FaMzd5dXnja04cetHk3LVw1R-L31Wjew-yjPo6352IzhbRuI4u5VYHgmj8J3-JuBqLz5cvl7QV-GoAz92MyJgBsfJAP0o166C90uXcNbGB4k0XSHuS9MFV39_u3R_9AAgmotSYzWPw-hPHFvb7P2nR2lGc2OmVccdv4rLPssO5SHsV64I8GQgstPtJBXS4mr6A8DILwDpDcXPzf8Om3_2AB06TWbK4CkEF-5Kf_ZbnXJKZhTYzTXkWqtOVI6P-E8mTCDx4Jn7ahtb6V-ywQMwK4GOdPcEFK5bK7juX8_b9j-JFG9--IT_r9s2uMyC986y3MziYgRIKHSF6akW3EpltHxaC3PypyfOPr1gzuekYgqwdeh4xxy1ksj_hqivIXfMsLqBwq-l480_qXhLM3jncyQ5ese8KR5v9Oi7ylb4MtVta7FZnHBUCv8iqEgJE_HeMCpJbol78tnl58KKbGMA7Xmi0VWaGKcRU1_UIKJhE6EiOlntWuOUrYg0mFCsa2kiNDnBuUqTWsXdvJXyYPQ3s52-qjPUPOlLz_L3X7Ej0CNDMW3U8WSt1t66peP7-phsetuzAlVI0AWTc9pa40cNtTr8Sb4vGLjHmQ-KHyyvFOaboJqSPEMvEyQGQLk__jaKS3qHPDsnARHC6vecDaFhdqxqs8YLnxcpha&sai=AMfl-YS_QbMrJpXnbzijqa9JR6pmVG9sY-O47yZg00L3rzU75JNwVLCGDxUgwb3unK3iuS0axbUUczJjBWSfoeSW5OnaAqX4VyGJKW8WURNLdwTryV28jcjTEyRbNlUBd7os0q41GN0ygp7XwjSAipt_WpIOkgGfe8rCvmtISVZRBX_XFFhmLQ5iO0reR-a4FxZTHbK9y76LEXUHjX94j77RZjEGbr9FUvFVXtZQdkJ98xQWudSnHtRYpK19BVLrPDoXvVjL&sig=Cg0ArKJSzIZdKrX472QREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=247&vt=11&dtpt=150&dett=3&cstd=95&cisv=r20240124.25168&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame D8CD 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
URL: https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3574
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 04:58:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=3611580827968359&bg=!GRqlGlXNAAa8BdJLnAU7ADQBe5WfOOLB3Dwzjr537ts0D6L3t9U4Qxw6Bb5Hgf9PHmYTRhkoSgEFSp8Ia8P1rffOYi9QAgAAAEVSAAAAAmgBBwoAJ3ESss-E9dhSkByqN4fcc1qMVTz4OiMmX615foQ6DFHP12QH10AIDZkCvltWV4wKoz6ek_LhA4wTCGqKsXUkECOI1aK9k8r4hRhHlz8XHB9MXkIeZmXVauYipVFbjv9B76SjbKGZB9Gbuotd5xNRRnRSdNUROH57XQ3bXS4u5CS10VFiYE_BOm1bKuECPbTRsqNOcPrsp1T8Q3_9cFQe-R84kVw8Zty80T_rtEqfyeSxOglfedwuZQ2soSCyn4osN7LcJicbl6jW2DQS_M5_qFNJ0zgL_eAWy3e0bvF6SnmsWnRpUbsGktwQ4AxbCKJY9T2-WN7YNFGnCaZA5uer_STZzML_E4aGADV_SnruBrBG4zA8UElZIHlujK1WQ_-UiNB7qDE-Y3OLPSmNw4mFDlJ65EwQYHy8JoDsNk0V5RXE7lS6ncRt0t9TF9IG9lYarp5dqGIHI8sGsTDC9VWjakCNjpdDI8fcYTw1q-TshdoyiMpwVdI2aNNYK3_-jwVhyFf8O4x7RBRNme_b-wkxUrbrjtSjhWl0-oZOE2p3ct0FdIxo4UA9WFtzEv54y5sINhLnvTGyTsLP495UcSofEs75vSgABVGGAu1ohhf-SgyJ53w7nyu6pnNFqQCPo4Z__u9yvqWDnjtnh6eZZxMnp6ST0RKUBBD2CaP5QpaEK0kX7RWPkVhsyd8bzbsEwZ2phl9snsnsGdyB_5NSyrhSO39dZiKRsbMvEDctdPwyRh2LtkV8JDYIepxDwEgOFJTr8rc_EpkgMSIgD9acW0uJnSF4FpIVvIsYHoQJpFUbwVqNeO5yK89YiQoGZc1KEcXlOwQH0HFQrCqCpThDqrWMWythRt6hRn3fvWtuXb1b87WHq1SKq38Ef90Pm4Df-z4cm6qCEs3CbiXSDMmrWdBJl1utWjjwmuz8o3G20JOHdknE2nQyNwCae7T7ChVHqP-o9lk2CIiL-2oB8kNTKkvvJWRY3PV6JWYHDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame D8CD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ls1bgjcy&chm=1&c=3611580827968359&ctx=2&qqid=CJGVosHrhoQDFUc6VQgdcu8LSA&met.4=fb.t~lb.6b~cmrload.79~ol.d1~idt.v3~dt.-86&met.3=374.73~113.e5_1~112.e5_1&met.1=1.ls1bgiyu~6.0~7.0~8.0~9.0~10.0~11.0~12.0~13.o~14.p~15.p~16.6v~17.6v~18.6v~19.d0~20.d0~21.d0~22.6u~23.6u&met.7=CBsQCBgBMBk41QNoAXAYeIkXgAHdFIgBkjCwAQG4AQM~CCgQBRgBIB0oHTBdOD9oH3BbeKUEgAH5AYgB-ASwAQG4AQM~CBwQChgBIB4oHjBrOE1oH3BoeKn4AYAB_fUBiAGFxwWwAQG4AQM~CBwQBhgBIB4oHjBXODloH3BVeNYCgAEqiAEqsAEBuAED~CB4QChgBIB4oHjA4OBpoH3A2eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIB4oHjA5OBtoH3A4eNhEgAGsQogB1KEBsAEBuAED~CBsQBhgBIB4oHjA-OCA~CFEQChgBIB4oHjBjOEVoH3BXeM2IBIABoYYEiAGt6QywAQG4AQM~CBwQARgBIG0obTCjATg2aG1wogF4rAKwAQG4AQM~CBwQARgBIG0obTCkATg3aG9wowF4rAKwAQG4AQM~CCgQChgBIJMBKJMBMNkBOEdokwFwywF46bMCgAG9sQKIAfTdBbABAbgBAw~CCkQChgBINsBKNsBMLYCOFxQ2wFYiwJg2wFoiwJwowJ4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBINsBKNsBMPMBOBho3AFw8gF4yySAAZ8iiAGwXLABAbgBAw~CAkQChgBIN4BKN4BMPcBOBlo3gFw9QF4xF-AAZhdiAHK-QGwAQG4AQM~CCcQChgBIN4BKN4BMPcBOBlo3gFw9gF4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBIOIBKOIBMPsBOBlo4wFw-gF4lgeAAeoEiAGWCbABAbgBAw~CCcQBRgBIP4BKP4BMJgCOBpo_wFwlgJ4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBIL0CKL0CMOMCOCZovgJw4AJ48xKAAccQiAHvMbABAbgBAw~CCIQBBgBIL4CKL4CMNIDOJUBUNwCWJEDYPACaJEDcNIDeKwCsAEBuAED~CCgQChgBINUDKNUDMPkDOCRo1gNw9wN4_cIBgAHRwAGIAc2FBLABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
apiu.sanook.com/ 		110 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
05e3956bb87de48ce3f7d7dda77106608bb9d9d7a0f88045fdbf996e604a0b5c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:45 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
Server
nginx
U-API-Cache-Status
BYPASS
X-Powered-By
Express
ETag
W/"6e-Ao+XyKHSPurANsQF/LSHcclJvKY"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
graphql
apiu.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:45 GMT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
U-API-Cache-Status
BYPASS
Vary
Origin
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ls1bggkb&c=3611580827968359&e=31080155%2C31080781%2C31080755%2C31061691%2C31061692&ctx=1&met.9=1.2k6~2.2od~9.0~9.0~9.0~3_19.2un~3_21.2un~3_27.2un~7_19.0~7_21.0~7_27.0~4_21.2wo~5_21.2ws~6_21.2wt~4_27.2wz~5_27.2x0~4_19.2yl~5_19.2ym~9.0~3_33.300~7_33.0~6_27.31b~9.0~3_40.31t~7_40.0~4_33.42u~5_33.42w~4_40.431~5_40.433~6_40.434~9.0~3_41.4z8~7_41.0~4_41.578~5_41.57a~6_41.5kc&met.10=1_2.CAAQABiAmHUguRsoAA~1_11.CAAQABiAmHUguRsoAA~1_1.CAAQABiAmHUguRsoAA~1_4.CAAQABiAmHUguRsoAQ~1_7.CAAQABiAmHUguRsoAA~1_7.CAAQABgAIIgcKAA~1_1.CAAQABgAIIkcKAA~1_21.CAAQABiAmHUgoRwoAA~1_19.CAAQABiAmHUgoRwoAA~1_2.CAAQABgAIMccKAA~1_27.CAAQABiAmHUg0RwoAA~1_4.CAAQABgAIKceKAA~1_33.CAAQABiAmHUgsx4oAQ~1_11.CAAQABgAIOseKAA~1_40.CAAQABiAmHUg9R4oAA~1_33.CPjJBBClyAQYgJh1IL0pKAE~1_41.CAAQABiAmHUg9SooAQ~1_33.CAAQABiAmHUg9SooAQ~1_41.CAAQABgAILAyKAA~1_41.CAAQABiAmHUgtjIoAQ~1_41.CPjJBBClyAQYgJh1IN40KAE~1_33.CPjJBBClyAQYgJh1IN40KAE&met.3=112.2st_1~416.30q~413.317~415.31b~195.4by~166.4cl_h~195.4hd~113.4zs_1~415.5kc&met.1=1.ls1bgdri~6.l7~7.140~8.140~9.140~10.1f3~11.19i~12.1f3~13.1l2~14.1ql~15.1l4~16.1r0~17.2dn~18.2do~19.4zq~20.4zq~21.4zr~22.29h~23.29h&qqid.1=CL7u-L_rhoQDFZQEVQgd1NcFDA&qqid.2=CITq-L_rhoQDFcECVQgdC_EFLg&qqid.7=CJHu-L_rhoQDFQ7UEQgdw4wEpQ&qqid.4=CLbUhcDrhoQDFaczVQgdaDAOGg&qqid.11=CJbhicDrhoQDFS4_VQgdOzsCkQ&qqid.41=CJGVosHrhoQDFUc6VQgdcu8LSA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c2e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 7722 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
activeview
pagead2.googlesyndication.com/pcs/ Frame D8CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkjr3xGNSPzdtrtXsJioQnFMMZbLvS5LXDJFH4S7Wk1Aut2jpSpxiEyWYmOZTCgFxAKpEkW4Wh3bdd97H3r4XN72Qn8t6vmEEyRTyWJAofHsbos56Z1CZPeqCPvF1AauWtLSnTDB6cM53maqbKcLBElQVX&sai=AMfl-YTRyuFy3a5Yq_wu7pCXaXOa06xGp_izuUjWqx0DPTQAWQ6oS-ZK454HLk6YgULDdsBK0sjxnnHRL43UCXEKR1qm4jDCalnPCMcwnXI2Ni8F2ltjeLNOKfm_ya8&sig=Cg0ArKJSzCuJDzBzMMB7EAE&cid=CAQSOwAvHhf_XMJMYQnlkTtc4oDfYb6PmLtHYwE8LH5fbAGy6pbzkjUwk4qgxglrOfT-2cvbYcftn6xWUqivGAE&id=lidar2&mcvt=1003&p=950,1033,1200,1333&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=919687659&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170667706400&rst=1706677064454&rpt=237&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8CD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6058354710037&version=m202309260101&ct=119&x=1&cor=14503066586972058000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame EB05 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:57:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CD70 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80929
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 04:57:46 GMT
expires
Thu, 01 Feb 2024 03:26:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
u.4dex.io/ Frame 5429 		0
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)43979405-4EF2-4FF7-97BB-059840D99A84
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 31 Jan 2024 04:57:46 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
setuid
u.4dex.io/ Frame 077F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)43979405-4EF2-4FF7-97BB-059840D99A84
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 31 Jan 2024 04:57:46 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
graphql
apiu.sanook.com/ 		108 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx / Express
Resource Hash
c35c9bde0df8a5cc38d417b76206931ae3bb947f61a53e0a633d4b614a272d25
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 31 Jan 2024 04:57:49 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Content-Encoding
br
Server
nginx
U-API-Cache-Status
BYPASS
X-Powered-By
Express
ETag
W/"6c-j4KoGVI+zaoCf4fzmhonUmtKt8A"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
graphql
apiu.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apiu.sanook.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.41 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 31 Jan 2024 04:57:49 GMT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
U-API-Cache-Status
BYPASS
Vary
Origin
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
5e05ffe6fc613dd834356726d82f8bdd391db328d93e3271ed736604baa7f774

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 04:57:49 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 01 Mar 2024 04:57:49 GMT
csync
sync.adtelligent.com/ Frame 1C48
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=85AD5D58A23383F6&sp=715062&pb=312731&c=750708&a=754412&domain=https://www.sanook.com/
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=85AD5D58A23383F6&sp=715062&pb=312731&c=750708&a=754412&domain=https://www.sanook.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 04:57:48 GMT
Etag
890f8c18c8278603
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Wed, 31 Jan 2024 04:57:49 GMT
expires
Wed, 31 Jan 2024 04:57:49 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=85AD5D58A23383F6&sp=715062&pb=312731&c=750708&a=754412&domain=https://www.sanook.com/
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B1B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80926
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 04:57:49 GMT
expires
Thu, 01 Feb 2024 03:26:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 395E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ad07c35ef09057e4b1a713b6952ba5c0987dc2d06866d242c90c40d230fee099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8067
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 04:57:49 GMT
expires
Fri, 02 Feb 2024 04:57:49 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 6A01 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 04:57:49 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame FEBB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
11071
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
84df6041b8bc1c6d-FRA
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 04:57:49 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOhHGwq0Nqotkio5dCDJMP4f%2Fp8xgy5lPKbHb6ngougRgkomhLNVR3vwdgk%2B3ICmk14I9MfiF%2BTvuXy3RG5OrJFQSNgLhkEzdHscJfsSk91pEEKP5TvyPYG7ClZpIpCSFdsxNu92iY06FaSC1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=TgaWCBwAwARVBM0JGgbZUE0DkgNVC8BSTlXKgIvJ
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=TgaWCBwAwARVBM0JGgbZUE0DkgNVC8BSTlXKgIvJ
Protocol
HTTP/1.1
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 04:57:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=TgaWCBwAwARVBM0JGgbZUE0DkgNVC8BSTlXKgIvJ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
fd1cc9b9926b799ac9ca6390e14fb75ace49b8561ce5769305a0b63418176ebe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 6A01 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 04:57:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 13:44:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
10901
Expires
Wed, 31 Jan 2024 13:44:44 GMT
984.json
id5-sync.com/g/v2/ 		251 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
ecb0cb2ba814de371fe19a5037a36936b0174978ce3777954ea00493a81beeca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 31 Jan 2024 04:57:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
idsync
sync.aralego.com/ Frame FEBB 		0
0
log
c21lg-d.media.net/ Frame 395E 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3496786637934849000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.232.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 04:57:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 31 Jan 2024 04:57:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAAPUVtqp7TMwuirtzyD7Qg&google_cver=1&gdpr=0
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=903232714360&version=m202309260101
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=903232714360&version=m202309260101&ct=76&x=1&cor=341626610316985100
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7_AI_yGDNr-g6karhQyf-Yked61EolYv3EfvzlnHMYWYfFBbENNqtt0zn0VOZTMW9YYnr90kl1aQ3EDjdBZbT-3rHRQ&cry=1&dbm_d=AKAmf-BAfRV9JVPjEAwaEqBAxD4eqejbynm9ZF3DEywdLR90QYxpiTy70NPC5sJJNkfyGO47ebDB_CvDlkq2QMYCdxj18FVrKbNDxzePJWK8x-JZMZBBkwpY6iUyCet7uRCyWDnWui66JJh0I-3vEy4x3vpUV8rhGu_08SjJs_h0wesk-Zmea23usnNXbWkF0mehvahG0cuYNYPjLJyGQlhlSyJ3wn8grK65sSsxUCO3pXyVeQtBA330BryFLpvQ9vEaflFLsBJIQ0U9TD41IpnFDyF6kvoZn0hA4H6P-8Gkm_GdJ2QKBBkgSo27toSJNb4LQje38p6KVuOtvq_4sdVymCqokP7iRchJKt14Bc39jDy92xuzWuYvj4Brlyza-6Lz_StmdrmXyPtX7IPawAcbbFa2Qfm8Ll5_3iY5wlApUp53llUQ1nkoiRMtsyJ3CW5PfiFu-knxc33cgzWqUdmNhpEU589duH6kdi4WW21J-jX96Zpk0_ogkC0kS5o10vL-8xjEQhtksh9kR_DrY6XoUqG9M3wfj8ERGkwS5ryKmqULGBgvnX-iFON3LajKZXq0QASdMho8SQM4BzHbgwD52wqd587V1y53sQ1p0d56yg6NJOO8XNQ4j1Gb9BcLhCkfzR7A0CNuW9EcwO66GoFbcJwERn-9mNX935VIYNrmMOav5PYFo_yBd39wobZoyBL46d118z6n1DqdnfYC-Zf-JOcIo4b90sR8cDZvXfyPKKG7Evonk0NUip_eu4CN5_vKObxEGxIRuVZ1UVN4yQdsymNlExp1_kg5one1Wnh9bWkO2UnuJT3J3kecDadCh4hIImUF0fBw9B0FwVUcg9aXOqF7MNUdcqkMBkDh7WMWqu6xAsnWa5n8ky4hHBkriQnT5yObIaYuHon9rB_rk8WnbSCxL1AbdD8zxc2d26GGqH0qYyqV77NGu0uFFo68jzKUBcODB4vxM9XkpH1SXTHSfwvZxFO0EKClyOnOHEK_L5gdnzirFSJd-glWBRaISorM4a8QGzPUrp-STUi6D_5W3dVTEIvRscp77OupTAVIMBtedw0fgJLrC-ZDBpC_mr70Y6Tfmu1FpweeU1xd5oKvgwtZ-pQWj8HsBtpFCW_hBjMflOUv6dfwt1kvHVnrs8diabpEQW4ayrTbTVNke-XjDzVNKAPFCJ-4PhWyjVxhdfq3tbrEOL3FiJ8O4160JLElXlMCNkJl47CcEJwKndpKCUkE9JtGVg06H1DfCHavuV_URmVPDbwKYxpj_aiNWTNE0xlTRyp7gQ6aO8htDgY1yu1OiB1Bulz-h6jZOoi-BPUXNvE_YOvRvnKdd_dru2UCfwyFYBxtpKltvODRHcr3msWvqeHpgA9JPGhZeeCv5M_tZxhi_IA0oSI4Kl7Tvrz8SEgzQj2AgdpYYAdGKRWRKLNHrwzhZ4ORMrNXG6DjqTdmK5v2xPA-btmeQLYLuEZz-Irrm-9C3gFbqziKuA5c5c3kkCKPTyYroZ-R39qlGF-tDlFFpkvxRcK34KXzV00hzzQBFwU_VCbd3g61SHYsbiyVqyZjLSw60MaJ2FsmRhVQSLas0bpBtsuDPGNXXiJL5tHtRiotwJqFU-gEVgJQAZzFkI3fV0TU2Ljnn38BwPOjLMnK2nzcD7HsFD-o4Qn0_Gek1N-QZr8HX_FWNYN1VeglRIhJeBUA5xtYhcXB4CYKKtrTvzLJMWAz9vOLUE31Xek6sZPA1Thh9Q6wQ9zyS6M6zrTibp6_PTxKfpKKLOUt0-99356m6EI23NEsoz2SwpXa4HfQUssGruGJNE7LbLXjsxVhlPR_x-QMkpfqLyXpWWeGrHB85Iz-7DWpSbU18Q18_DwUqw4XaZDvhDvLAIrtFcKuTPj3Xy2vjBAVhkxQYhySQ_EmUc1EP3FJ6cxb8k69nTx32n2jjpCi0AaJymR4CkwcH3lYSYnNM6QoJBuK81ErCAPLbbixDpCYH42fiOy-HuRKq89e1uJNY3YbyG-gB7cueeP91nncrhBLnomyKSMe75g7W7SYDZqPowbx43nfxCvPEFOLar0_bueosWzGxaHQxC_Y0h_wH73G93adBAkGda66o9Lx78qjogETPonswGfXKuIe3SJSf4nBCtyDKKkbF4briWAIDYEUZNEvWkxNoNBFgumZG5S0O3sDR7N9sqIMK4LIB_rdVnlgunSNWcFRLn8F5mN2ZOmq1g-HoTuF34CNdeUBWsfikpB9H57tUZtxgOENvdvzsVBYrYw2cMgRmCi7T7nejOp23cHQUeF2s-sp4NPR0jnE_Os9OIaakkHDKS36Np2lnHQkUqtsWWvXF_GtBhdqeCwZJqFRtZf0zHiY6Jlh1uB6GC4aEMdIHa7Nk-7YniEpsQzvNIobTrOqVFVuZy9H8b0LE9AO_lzfBqPw7FFBl8EyDALHn-cfnXsu5WOJS3WpyCFMjyIDibnq4z68C702TlwPeRwH4lkI85taTOW7Q6pejycTXt23GATl4SfiSQhwVUf_gPPCYVwjvcRJUHRNG53V45GyckgBegKq7s9QIdbT8ZpDUHe9CYWEeS6C5Q0Z0woQxvOcRewMPG8Wxf8160fdmrKNLNINNXdJGTAdOnkN7z_vk_IZ9zCkBvK3s0BM0cFq-96lF_slyA-zDXFnDoQd-KIqKS0Ei6ZurvU9WJcIbdD0IuKWbtdx-EmBj_P2NMiXtH5CP0-a8wCG3V-g_Zja4HD79Sh2n5HuniApSgN1t-epKB4HiXuEquQRebOunNI84QEX9R-MJ6it4xKHbAru0bf6aOahGKRljkUWVtl91I2Q0AtBoLSeaeCDVK5BP0sL7NsAuomozyPAd3aaHTi5HHy8ccGoZvwW3qJbSBa4D2UHUIycqXMp_MgyEVnzYwLMhopeON0MHnlZPO1wiQ-C7rWP97xkrmrxVz66ZoKXgBNz3ysPSJ7W_QL6HH_pJLZSXUs6wKTEEsMh4Rx3H8zqLJ4l_fwTqfKzuyP4ZqR0cKjbLA7bXghcsWxipbfneYW7SovSVi1TL299oA88WAlApNbL8C1xDd2Osl15v4tmir1rgxczwS4Pe4xLYZ-9GUffzQXsro9VSQK7ox1UfWNflHaNXS4v5LpyPG2jZSThgd3mWp4gn8g8CcAHtqbtsfBamk7TRnaabrKPc6Q7Bm5jnIVm2Fvu3X0tMezUldI0EnLTq_RyCgqTvsynALgA6RsrfmKq1WVIhYw1YHDOYbHozP7THPTmwT1nkGr-CSWw0wISW18cuSrN-3AX3r9_mi4jE3drhxJdMxesbnRl2skt99GZr3yrgFM76Mjnb1DAcnUIYNgTvbm_avhHxTXDI_pGDtRcr6ivEoCtvq0cK9CVUrpcd6VuzIf3MEqr29ZsfGuw2BxRKDNSjn3Kox1uAKhk4M7ckSzGxz56XDz5iV3x8zH7gr7iWwn_YSiZbNfeABV4nYsrq9GrWnvM7PLsPMRaypnrlJTYs2PDPvpwCXSrMUeB9qotqp-a0tnQ2LVHiNP2vWOo4NCg8wrmi9LUmZm1YZXms7-pcJJVTonOm5wSGmqyET-3a8N9MdxiS7kh0HfqBbSKyojcLR30omJ2X7VLa8AzaHWi7JG7iLfYgoZ-8YHCMGNLROuFjxJpowDyzBDv1TuVbxyg9u2TlJrodygxW2M1I3jzn5oi-7m9rivF_g6pWJ0h75U3QfDhOQHMs32IB50MRZscb6ilHKP54NMbNfb24_aENDYsdmp-3131Lg5ZUixW_cJjhKOPlvezAhD1vo-BOdamCbQaCE8lTHvJeNUdC8zXqd-jGsf9ZAtz2M3RyciqlLhusTrzV5VoEbNYQ5ZLqDW1brLiAEnoKXwqKpRfp_-K1ay7AxiBOsUC5LPe9_ru7RhuJxSRxUh8CkyPbSzsq_HalO1pSJMbB8TxsUBhwqeaRg1cQ8T-CpNspBbkILWep1V2uQ5gwX4GThi3drcVS3-xC59LPyKgb1F3bpaqL6yz0tIk075aUQzRmb8TDnNTAPvPXO-_qA0tTDhImS2cCX-dlG645QX0iNnPqb17V8BPEXT29BnzJx9bWXzWWfL_PEZwXQ0JHpQZK2Eg8QDVdHnf5dRqZP6ciSGIRztv_gzylk0Y55y-zBzuB-HjYpVuZNCSn6zggQ419cMdOvF1l36v4m7E48iPHX3CSNIkF1FLQppEr1xUlP4B5qufg4E6BGAqNdwr1Erp5eO29LxOx0YFPRZ826m1wXlE_E0X4bhK7W3jMhFFvwRBp3Vp6PvuiB4&cid=CAQSTQAvHhf_r8_f8JoB6hA2CxgzipRKRvCmC6apWPRf8jbv36A7xYniU5VmAjCrQ5szxy7Q3thS6UndYfNIQ8D1rcQUB8sStvZer3tt-WnyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=341626610316985100&adk=3661671306&idt=145&cac=0&dtd=4
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?

Verdicts & Comments Add Verdict or Comment

976 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL number| m function| fbq function| _fbq function| Hood object| __tblPushGlobals object| _taboola object| _taboola_notifications function| showTBLPushPrompt object| NREUM object| webpackChunk:NRBA-1.246.1.PROD object| newrelic object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_149 object| Criteo object| Criteo_149 function| NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL object| google_tag_manager object| google_tag_data object| ad boolean| adblockTracker object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| innityDataLayer object| _comscore object| webpackChunk_N_E object| PWT object| googletag object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| __consolidated_events_handlers__ object| __BUILD_MANIFEST object| __SSG_MANIFEST string| DataCollectionObject function| datCol object| COMSCORE object| ns_p object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| gaplugins object| gaData function| _UA-8147095-6_sendHitTask string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName string| key object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link string| Ct string| At string| cd35 string| cd36 object| ggeac object| google_js_reporting_queue boolean| google_measure_js_timing object| google_rum_config object| msgData number| google_srt object| _google_rum_ns_ object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjFlMjRlYmY4ODg5NzZkNGxvYWRlcl9qcw== string| MjFlMjRlYmY4ODg5NzZkNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_unique_id object| Criteo_identitytag_149 object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| ox_esp undefined| google_timing_params function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult string| timezonename number| newunitcallback number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block number| prebidurlbind object| adUnitsregular object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| geoedgeinterval string| url1 string| country function| adloox_pubint_timeout string| toisiteurl number| windowwidth1 number| geoedgeinterval2 number| localandbeyond number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval2 object| isMobile1 string| osdevice number| randomvaldatatest string| url22 string| urlmob1 object| andbeyondnewunit number| globalcount number| sanooktest1 number| globalinterval function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit string| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid string| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value undefined| label object| adloox_pubint object| ignore number| current_time number| refreshval number| number5 object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| vttjs function| WebVTT function| videojs function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| PublisherCommonId number| iframe1 string| iframeid number| len string| pos123 number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| size640 number| size480 number| size1150 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp21 number| sizehp22 number| sizehp23 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| d string| timezone number| current_hour2 string| safeframe number| custome_axt number| nextactive string| adunit3 string| adunit333 string| adunit2 number| countrgptreca4 number| tempval number| strategy2 number| flag4 number| status300new number| statusrgptreca4new number| stat string| id2 string| andbeyonddivrgptreca4 number| andbeyondwidthrgptreca4 number| andbeyondheightrgptreca4 number| countandbeyond3001 number| activeandbeyond3001 number| passiveandbeyond3001 number| time_refreshunitandbeyond3001 number| nextnumberandbeyond3001 number| counterefreshandbeyond3001 number| startdate number| mseconds number| crontime object| timerefreshand number| status_bad object| id1 string| aff string| pos1 string| text number| width1 number| height1 number| width2 object| andbeyond3001 number| strategy2andbeyond3001 number| strategy2widthandbeyond3001 number| strategy2heightandbeyond3001 number| strategy2typeandbeyond3001 number| strategy2counterandbeyond3001 string| adunit2andbeyond3001 string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp string| temp_val number| tempnetwork object| temp_net number| videoa9flag number| widthidandbeyond3001 number| heightidandbeyond3001 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond3001 object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog boolean| feb21e42-9ab5-4746-8f27-fae77d7ed1a9 function| videojsLogo function| videojsVttThumbnails object| videojsIma function| videojsContribAds object| closure_lm_302813 object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| au object| closure_lm_29602 string| mediaType object| sas object| apntag object| _ADAGIO number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| newflag number| diff number| flagnewone number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergptSkyscraper5 number| activergptSkyscraper5 number| time_refreshunitrgptSkyscraper5 number| nextnumberrgptSkyscraper5 number| passivergptleaderboard6 number| activergptleaderboard6 number| time_refreshunitrgptleaderboard6 number| nextnumberrgptleaderboard6 number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| videoflag object| videocode string| idnew12 number| videounit string| contextvideounit undefined| google_rum_values object| google_image_requests object| GoogleGcLKhOms object| ONFOCUS

178 Cookies

Domain/Path Name / Value
.sanook.com/ Name: _fbp
Value: fb.1.1706677060122.1819262187
.sanook.com/ Name: _gcl_au
Value: 1.1.4206996.1706677060
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1706677060.1.0.1706677060.60.0.0
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.sanook.com/ Name: _ht_v
Value: 1706677060.9345592323
.sanook.com/ Name: _ht_s
Value: 1706677060.2
.sanook.com/ Name: _ga
Value: GA1.2.1952691386.1706677060
.sanook.com/ Name: _gid
Value: GA1.2.1927022377.1706677061
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.sanook.com/ Name: _sa
Value: SA1.2.1194892289.1706677061
.scorecardresearch.com/ Name: UID
Value: 1198555cbbb92b0901dcef31706677060
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.criteo.com/ Name: uid
Value: 3fba49a5-ade4-4130-9718-fa6fa88f63b4
.doubleclick.net/ Name: IDE
Value: AHWqTUnlc9npp5gj2p025OOL1cKpTr-PjVLhlmjoseAO4eBD3ixZDQ5Y50c_6NOn
.sanook.com/ Name: cto_bundle
Value: Sv-aWV8wcWZPQU1GS3MwTXlyNlhwcXo2T3gwQVJkY05JelJhWlBTOE1ncyUyRkY5SEJoeGZyN1glMkZFWDZEcHg5Y1FPdGROZXJOWlo5c294UVNhT3puSWw2QjA3M0xhMGhMNjclMkJhVVRYQUdYcWdId0tLWnN1WE8lMkJSSGJuRURTVnUzNldUd2Q3Nzk2MVlrREMwWCUyRnNtcm4zTk5CTjBBJTNEJTNE
.sanook.com/ Name: _ga_17F0RQM2JW
Value: GS1.2.1706677060.1.0.1706677060.60.0.0
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: 19A39A2E.1
.sanook.com/ Name: _ctout45879
Value: 1
www.sanook.com/ Name: verify
Value: test
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 43979405-4EF2-4FF7-97BB-059840D99A84
.adnxs.com/ Name: XANDR_PANID
Value: u1h_9FJBgLrNBniHZbPH9VfYC0wmzZA5IG6lRya0vuqHfOjo3jFBBun3n53D2d7h1HLUsWqHc_Pdv3Gy8rngYDJeen9RoNZc-FexafH_yjg.
.adnxs.com/ Name: uuid2
Value: 6626623700304249093
.sanook.com/ Name: lotame_domain_check
Value: sanook.com
.quantserve.com/ Name: mc
Value: 65b9d345-798b5-a50f2-84c6f
.rubiconproject.com/ Name: khaos
Value: LS1BGGMU-6-JDB4
.openx.net/ Name: i
Value: ddff56b7-416d-0bc1-3917-f2ae37f7d453|1706677061
.adfarm1.adition.com/ Name: UserID1
Value: 7330122161836193936
.bidswitch.net/ Name: tuuid
Value: ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
.bidswitch.net/ Name: c
Value: 1706677061
.bidswitch.net/ Name: tuuid_lu
Value: 1706677061
.weborama.fr/ Name: AFFICHE_W
Value: CCLEu4DoUb4I38
.simpli.fi/ Name: suid
Value: 2A0CD7624B904F2592C0E7A29E0182DA
.sanook.com/ Name: __gads
Value: ID=3c78105478a70ea7:T=1706677061:RT=1706677061:S=ALNI_MY0AvCiT1hErVYGJou7mUM0n_QTRg
.sanook.com/ Name: __gpi
Value: UID=00000d4d600b9ce2:T=1706677061:RT=1706677061:S=ALNI_MbQx-TYLJd47-z6dVm07lQyYak3VA
.sanook.com/ Name: __eoi
Value: ID=367d483ed7ba481b:T=1706677061:RT=1706677061:S=AA-AfjY_kmWpJ1CWRDtd7vr5zu7B
.adform.net/ Name: C
Value: 1
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.de17a.com/ Name: guid
Value: 1.1884283304624959305
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56&KRTB&19420-Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56&KRTB&22979-Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56&KRTB&23462-Fosl3ESNc9ANiX7dQotqhBWOIdcNhnOGFtiWnV56
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKt_W4JRJ-yoZFvbw2EoXbo&KRTB&23025-CAESEKt_W4JRJ-yoZFvbw2EoXbo&KRTB&23386-CAESEKt_W4JRJ-yoZFvbw2EoXbo
.adform.net/ Name: uid
Value: 5709976349021260889
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6626623700304249093&KRTB&23339-6626623700304249093
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7330122161836193936&KRTB&23369-7330122161836193936
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5709976349021260889&KRTB&23263-5709976349021260889&KRTB&23481-5709976349021260889
.teads.tv/ Name: tt_viewer
Value: 7428a2de-1f70-4a5b-a875-e99e07efca5d
.audrte.com/ Name: arcki2
Value: 411AlrK9FI4SHK7G99lUqYa-A!20220908!1706677061626!ip#149.88.27.84
.audrte.com/ Name: arcki2_pubmatic
Value: 43979405-4EF2-4FF7-97BB-059840D99A84!20220908!1706677061626
.openx.net/ Name: pd
Value: v2|1706677061|gen0vNvQiygu
.sportradarserving.com/ Name: zuuid
Value: e44ed6c8-35cc-4641-b331-06086abd0ea2
.sportradarserving.com/ Name: c
Value: 1706677061
.sportradarserving.com/ Name: zuuid_lu
Value: 1706677061
.creativecdn.com/ Name: g
Value: iVegcvmj7IjiiPO3h0PI_1706677061642
.creativecdn.com/ Name: ts
Value: 1706677061
.crwdcntrl.net/ Name: _cc_id
Value: ac1c4c30844d9f85e13ebf3c9382aae4
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1884283304624959305
.sanook.com/ Name: _cc_id
Value: ac1c4c30844d9f85e13ebf3c9382aae4
.bidr.io/ Name: bito
Value: AADi3k7Lc6cAABQCAGhMTQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.sitescout.com/ Name: ssi
Value: d059a7c7-748a-4630-a953-a1008e7ed124#1706677061661
.innity.com/ Name: iUUID
Value: c43d016800e0ddc48976a859708c91fd
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1706677061
.quantserve.com/ Name: d
Value: EPYBEQGEK_ijCJiTAA
.sanook.com/ Name: iUUID
Value: c43d016800e0ddc48976a859708c91fd
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1706677061691.1706677061691.1706677061691
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 17027179.225.1706677061691
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&KRTB&23047-qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&KRTB&23234-qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI&KRTB&23361-qsDFJx_7DrIJOSX-pA8sNLE1U5yTtQx9kqaM7a8sZTI
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348&KRTB&23418-d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348
.audrte.com/ Name: arcki2_ddp2
Value: 411AlrK9FI4SHK7G99lUqYa-A!20220908!1706677061716
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ab70f9cc-ddaa-4a92-a1ec-b4be5e1439da
.mathtag.com/ Name: uuid
Value: 06ee65b9-d346-4700-ba4c-dbf0521173fc
.amazon-adsystem.com/ Name: ad-id
Value: A4LerY3TQEVnrJ5fK0cKBSg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:06ee65b9-d346-4700-ba4c-dbf0521173fc
.smartadserver.com/ Name: pid
Value: 5322462639283243386
.smartadserver.com/ Name: TestIfCookieP
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-11a0c0d1-cf8a-500b-6339-774394fd21e7.u0Gn2ZT9HyVyTy8pMDYXDg2kOU7J7lLE6skaoWpmKLI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-11a0c0d1-cf8a-500b-6339-774394fd21e7.u0Gn2ZT9HyVyTy8pMDYXDg2kOU7J7lLE6skaoWpmKLI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AEaDA0c-KUAtjOXdDlP0h55VYG1Q.xP3p16YgYGf1jlrudzTE%2BuQuvzrXkc%2FmOOjawRo66f0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AEaDA0c-KUAtjOXdDlP0h55VYG1Q.xP3p16YgYGf1jlrudzTE%2BuQuvzrXkc%2FmOOjawRo66f0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICYC4GQk_4B3cULLxHBqZe8zD_cb8C9qFZ_k5FoN1ca2EHwYBCDFpuetBjABOgTwi70wQgSjKdlH.X%2B1A1uNDI5twtB3S29EqHsclgKrkw2%2FfQlAHGiqUecA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICYC4GQk_4B3cULLxHBqZe8zD_cb8C9qFZ_k5FoN1ca2EHwYBCDFpuetBjABOgTwi70wQgSjKdlH.X%2B1A1uNDI5twtB3S29EqHsclgKrkw2%2FfQlAHGiqUecA
.audrte.com/ Name: arcki2_adform
Value: 5709976349021260889!20220908!1706677061858
avd.innity.com/ Name: geo
Value: AS%3BIsrael%3BIL%3BCentral%20District%3BM%3BYaqum
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIw-uaJBMOowMimYNWAAAAAAA&KRTB&22713-AAAIw-uaJBMOowMimYNWAAAAAAA&KRTB&22715-AAAIw-uaJBMOowMimYNWAAAAAAA&KRTB&23519-AAAIw-uaJBMOowMimYNWAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-EaDA0c-KUAtjOXdDlP0h55VYG1Q&KRTB&23334-EaDA0c-KUAtjOXdDlP0h55VYG1Q&KRTB&23417-EaDA0c-KUAtjOXdDlP0h55VYG1Q&KRTB&23426-EaDA0c-KUAtjOXdDlP0h55VYG1Q
.yahoo.com/ Name: A3
Value: d=AQABBEXTuWUCEJonmRzrTZ6exfwMV8tlXXwFEgEBAQEku2XDZbtj0CMA_eMAAA&S=AQAAAgFqHeAEeT7VsZEm2t5eAR0
.contextweb.com/ Name: V
Value: UuA4zY9ygAHE
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 642310f1cd519346
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADi3k7Lc6cAABQCAGhMTQ
.casalemedia.com/ Name: CMID
Value: ZbnTR1m07vDmG2p.Q6etjAAA
.casalemedia.com/ Name: CMPS
Value: 2224
.casalemedia.com/ Name: CMPRO
Value: 2224
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
www.sanook.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEw2TDZJNjawMDFJsUyzME01NE5NSjNOtjS2MEpMTDVhAILUnZfdQTQUAABn8gt4"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3XnZHUhBAQAb7gI5"
www.sanook.com/ Name: ucf_uid
Value: 47ebcca6-7491-4edd-8c9f-aa8908b67fe0
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-31T04%3A57%3A43%22%7D
.sanook.com/ Name: panoramaId_expiry
Value: 1706763463362
.sanook.com/ Name: panoramaId
Value: 4067f0f776eb92a4155e200842cfa9fb927aa7b5748e7146fd5ec3869d96eebd
.connatix.com/ Name: cnx_userId
Value: 2239a0311ed949039d5f6047edfe3a1d
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.primis.tech/ Name: csuuid
Value: 65b9d34772da6
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9M2phFj4i4i_8ww9vrJtuq99NFFtnkko32p6qPaTidKAukU0fToGdgH4UGPk75H3Fg9p7KVcvwRTs7Boj7HV4x6D1f5QJXEGSa5Cc_34KUhDt1jGvIpiixAQq9PfwA0E6Eowo44oZtLw-vGP_Pm3JGPWsnuA%3D%3D%22%5D%5D
.linkedin.com/ Name: bcookie
Value: "v=2&67c4c627-24dd-4a59-8f5c-f020fb6d1713"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDY2NzcwNjM7MjswMjF1MFI6ZYe20/Bk4aQiEY27X4u6TYXf6KjMfAX0OulG9Q==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3130:u=1:x=1:i=1706677063:t=1706763463:v=2:sig=AQFY8SRsHzIm4b9x_E-peX2eP0Hi6f5K"
.ipredictive.com/ Name: cu
Value: 6ae51bd1-a233-4fd8-98f5-ddbbd65f9a5f|1706677063599
.yandex.ru/ Name: yandexuid
Value: 4914924661706677063
.mediago.io/ Name: __mguid_
Value: f34e96990a4aa6eb2nqrm600ls1bgidy
.media.net/ Name: visitor-id
Value: 3496786637934849000V10
.dotomi.com/ Name: DotomiTest
Value: 7d2b42230dad18f1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpBS+B3mPsehpjNLKGdDwNQNfInUvAj0qVASNAWtAhRTiSaKF7Fhy9y1mrngluyoSFc48YnZs8G7uBxGCOXoSK1YWXbfZ9KG2WyqVI1k5poNA==
.lijit.com/ Name: ljt_reader
Value: IFOJAPZHVHLdzjBiTLy7aoc9
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2ghg:18vk~2ghg:19e0~2ghg"
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDcwt7AwMzMz1lEysUTlW5ii8g0NjFEFjMwhfCMLQwsz41oAsv8QuA%3D%3D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNjY3NzA2MTY5MSwiNDgiOjE3MDY2NzcwNjM4OTQsIjM5IjoxNzA2Njc3MDYzODk0LCI3IjoxNzA2Njc3MDYzODk0fQ
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pfb|2N.0.AAAIDmBsQS56hQNzRWhhAAAAAAA|4is.0.CAESEPAZvrX15QqijfrbfHjcV7M|7dN.0.AADi3k7Lc6cAABQCAGhMTQ|7dW.0.1
.lijit.com/ Name: _ljtrtb_49
Value: UuA4zY9ygAHE
.lijit.com/ Name: _ljtrtb_85
Value: AADi3k7Lc6cAABQCAGhMTQ
.adx.opera.com/ Name: UID
Value: OPUeefb8bf9417b492cace669cf437a7ad8
.lijit.com/ Name: _ljtrtb_103
Value: OPUeefb8bf9417b492cace669cf437a7ad8
.tapad.com/ Name: TapAd_TS
Value: 1706677064050
.tapad.com/ Name: TapAd_DID
Value: 8d45ff65-fd82-4dff-8d33-88be86caf8d9
.admanmedia.com/ Name: admtr
Value: 35fda205-af75-486f-b445-828894e766ae
.admanmedia.com/ Name: ac_r
Value: CS159
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.smartadserver.com/ Name: csync
Value: 76:CAESEFOfma2McrWZelkrJXxE2Og|86:6626623700304249093|127:AADi3k7Lc6cAABQCAGhMTQ|130:35fda205-af75-486f-b445-828894e766ae|139:0
.lijit.com/ Name: ljtrtb
Value: eJyrVjI0MFayUvIPCE1NTUuySEqzNDE0TzKxNEpOTE41M7NMTjMxNk80T0yxUNJRMrEEKg0tdTSpirSsTHf0cAWKWZgCxRwdXTKNs819ks2SHR2dAp0d3TN8QwKVagHbyhoN
.lijit.com/ Name: _ljtrtb_16
Value: d059a7c7-748a-4630-a953-a1008e7ed124-65b9d345-4348
.pubmatic.com/ Name: DPSync3
Value: 1707868800%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1707523200%3A63%7C1707868800%3A251_161_13_7_234_99_176_56_55_21_264_254_46_22_238_220_54_71_81_165_88_3_243_8_266_233_214_249_166%7C1707955200%3A35%7C1709251200%3A203%7C1711843200%3A69%7C1707264000%3A15_223_2
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUeefb8bf9417b492cace669cf437a7ad8&KRTB&23485-OPUeefb8bf9417b492cace669cf437a7ad8&KRTB&23524-OPUeefb8bf9417b492cace669cf437a7ad8
.zeotap.com/ Name: zc
Value: 24f099eb-22b4-4d91-4695-6df07988b34f
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 155976:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1706698664490
.adsby.bidtheatre.com/ Name: __kuid
Value: e9c3b3bc-3705-4fd0-aff5-bb5f23b01245.475891064
.onaudience.com/ Name: cookie
Value: 604ef9aa2b751a39
.onaudience.com/ Name: done_redirects236
Value: 1
.ctnsnet.com/ Name: cid_9702ac645cbf4fedb51cae51ad71a5e8
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: fda73f95-bee5-4bd3-bc61-aa947a784ef6
.turn.com/ Name: uid
Value: 7074598175722257285
.semasio.net/ Name: SEUNCY
Value: E9EF45B73634BF95
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7074598175722257285&KRTB&23150-7074598175722257285&KRTB&23527-7074598175722257285
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3Mjc3NjM0NDcwMxLiM9QtiLIw9jZ3Tw92MQwFAOjHih8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3Mjc3NjM0NDcwMxLiM9QtiLIw9jZ3Tw92MQwFAOjHih8lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBmZg4kTEyNjAFRcJOlEAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336727736117062
.pubmatic.com/ Name: PugT
Value: 1706677063
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbnTSAABW68TOwBK
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e6bb17fd-fe96-4226-b35d-349650324f34-003%22%2C%22nxtrdr%22%3Afalse%7D
.eyeota.net/ Name: mako_uid
Value: 18d5de153a2-78500000010f5753
.eyeota.net/ Name: SERVERID
Value: 22355~DM
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%sr**p8!]tbPl1M>e)ZlrFUfJ+tGXxp2EX5AAZp:GeA)2E4BBkC5IGS/ZYvmlzhj$Lt3If)y3KL9D3I?+FT<=^l
.onaudience.com/ Name: done_redirects200
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e6bb17fd-fe96-4226-b35d-349650324f34-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-e6bb17fd-fe96-4226-b35d-349650324f34-003&KRTB&17107-RX-e6bb17fd-fe96-4226-b35d-349650324f34-003
.smaato.net/ Name: SCM
Value: df2a3a0eef
.smaato.net/ Name: SCMu
Value: df2a3a0eef
.zemanta.com/ Name: zuid
Value: cZ3GPkR_72i03osDAElZ
.tribalfusion.com/ Name: ANON_ID
Value: anntuJoZdUQdR2Hp9uswmOm85XtBdmBsRkv4hmtW1UN5EiBJtogWVjbXNU28yrrIJyZccbBsZaipwycZcTKVmRZc6xs7Zc
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-H1I2i050UaWnMRggXhTVbgYR
.pubmatic.com/ Name: SPugT
Value: 1706677065
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJvbmV0YWciOiIyMDI0LTAxLTMxVDA0OjU3OjQzLjQ1NDc1Mzg2NVoiLCJwdWJtYXRpYyI6IjIwMjQtMDEtMzFUMDQ6NTc6NDMuNDU0NzYzODU3WiIsInNtYXJ0IjoiMjAyNC0wMS0zMVQwNDo1Nzo0My40NTQ2Njk4NDVaIiwic292cm4iOiIyMDI0LTAxLTMxVDA0OjU3OjQzLjQ1NDc1MjQ0OVoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiODQ0MzEzZmYtN2QzMy00Y2Y3LWJjMjMtNzRkNzUxOGE5NzJiIiwiZXhwaXJlcyI6IjIwMjQtMDMtMzFUMDQ6NTc6NDMuNDUzODI4NzYyWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiI0Mzk3OTQwNS00RUYyLTRGRjctOTdCQi0wNTk4NDBEOTlBODQiLCJleHBpcmVzIjoiMjAyNC0wMy0zMVQwNDo1Nzo0Ni43NDU3MDM4ODZaIn0sInNtYXJ0Ijp7InVpZCI6IjUzMjI0NjI2MzkyODMyNDMzODYiLCJleHBpcmVzIjoiMjAyNC0wMy0zMVQwNDo1Nzo0My43NDczMDcyNzhaIn19LCJiZGF5IjoiMjAyNC0wMS0zMVQwNDo1Nzo0My40NTM3NTM2NTZaIn0=

5 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1489944661112333?v=2.9.143&r=stable&domain=www.sanook.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.sanook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67c897cbd6241acece1c5fd00825086b.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
apiu.sanook.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.taboola.com
bh.contextweb.com
bidder.criteo.com
bmedia1.fsanook.com
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
cdn.ampproject.org
cdn.aralego.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.turn.com
d13d5af2980cb9d8b874bbd18b87602a.safeframe.googlesyndication.com
d5p.de17a.com
data.adsrvr.org
data00.adlooxtracking.com
dc.sanook.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb.aralego.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-as.fsanook.com
ipac.ctnsnet.com
j.adlooxtracking.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
onetag-sys.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
ps.eyeota.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.adpone.com
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.ad.smaato.net
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
script.4dex.io
sdk.ocmhood.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aralego.com
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.ocmhood.com
t.pubmatic.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
trace-eu.mediago.io
u.4dex.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ut.pubmatic.com
webboard.sanook.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
sync.aralego.com
104.18.41.104
108.138.6.136
13.32.121.17
141.94.171.216
141.94.242.206
142.250.181.226
142.250.184.226
142.250.185.130
145.40.97.66
146.59.148.16
151.101.129.44
151.101.130.137
151.101.66.49
151.101.67.52
162.19.138.116
162.19.138.118
162.247.241.14
162.55.120.196
172.64.149.180
172.64.151.101
178.250.1.9
18.157.105.44
18.239.18.118
18.245.47.29
184.30.211.26
185.184.8.90
185.64.189.112
185.64.190.82
185.64.191.210
185.83.71.234
185.89.210.180
192.96.203.13
193.0.160.130
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2.19.100.239
2.19.104.211
2.19.105.180
2.19.216.27
2.19.217.101
2.19.217.60
2.22.242.107
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
203.151.128.177
203.151.133.19
203.151.133.6
203.154.58.214
208.93.169.131
213.155.156.169
217.182.178.234
23.215.19.214
23.53.232.23
2600:9000:211e:6000:1b:5138:8a40:93a1
2600:9000:225b:9400:a:e047:753:eb41
2600:9000:236e:c600:2:d490:4d80:93a1
2600:9000:237d:0:1a:5235:f980:93a1
2602:803:c003:200::44
2606:4700:10::6816:3262
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:4092
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:20::681a:467
2606:4700:20::681a:6e4
2606:4700:20::681a:9a9
2606:4700:20::ac43:49e4
2606:4700:4400::6812:22b2
2606:4700::6810:5514
2606:4700::6812:18ad
2607:4f00:944:0:3eec:efff:fed0:86a2
2607:f8b0:4001:c2e::78
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::90
2a02:fa8:8806:20::2010
2a02:fa8:8806:20::2040
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:4d30:662b:6e06:fc7c
2a06:98c1:3121::3
3.127.178.105
3.71.149.231
34.102.146.192
34.107.231.31
34.111.113.62
34.111.129.221
34.120.63.153
34.149.40.38
34.246.105.162
34.247.62.134
35.186.193.173
35.204.158.49
35.214.149.91
35.214.157.145
35.214.167.88
35.214.168.80
35.241.31.249
35.244.159.8
37.157.6.243
43.152.26.104
43.152.26.197
43.152.26.221
43.152.44.84
46.137.57.151
46.228.174.117
47.243.203.231
50.31.142.191
51.75.86.98
52.223.40.198
52.28.196.42
52.46.130.91
54.152.54.228
54.205.56.39
61.91.93.41
61.91.93.45
63.251.232.165
63.34.44.38
64.227.64.62
67.220.228.203
69.173.144.138
69.173.144.139
74.121.140.211
77.243.51.122
77.245.57.78
79.125.80.207
80.77.87.161
81.17.55.171
82.145.213.8
85.114.159.93
98.98.134.243
99.80.224.8
99.86.4.39
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0544e1d97cf6e449ad57604a9764c60f60229d082f889ecedf3d9dc941712275
05e3956bb87de48ce3f7d7dda77106608bb9d9d7a0f88045fdbf996e604a0b5c
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
08e17785e0ad9e0247e2c5035d48d6d58bff8fcd77cee72380f9e01e2889a1a7
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b50eeffe14d3692b29ee7b525ecd7f45451d2c98062f3a5f0cb181d84436bcd
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf235f65552d14d9d2c2d786276b2a1c1ee7b2969646805c214e3e3c8de3145
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c44239c0413ae336a3871906e4fc1a415d9a076157f92d250bfae2187ce1c7f
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d3fe96e73e70758366f33ffc86ef6a6e07a00ff53a64f17fa1ab86bf125db49
0d9e1b76e2c6baa51e60f8e4689e22fe58ba91cae687a4743f82926fa5a67cb2
0da77faecd6d179ee90d81ff49357f2bde86b6a5d4c5314e4958f33e32a14669
0e8067267aeb234755e4f82c7ca2ee7ecee32ffe6556d9dc7ef18c727c1d2e95
0ed2bdecbe2d17f2e549b42f9e87ddc9e9c225135fc93e0e73356130924c557e
0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312
1525feeba7d859bacf296e2e4ad7e60f289bb5196518171d7a63990d7f5000af
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
168092d803b6a4aaea751a92bf5e84dc34925555b0ed72331a8a299c3475d0d0
177ac7e09a74a55db9ea5543046664aabb5e04237dfc14a4338f09904ae38e6b
1822ff22bc35e9bcbbd33d4adbd3c0a10efeee3d66bfe790ff3e7057d2bca485
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a06ebb32c05bd564543fccfd732afd1cbd95cc2f118b537017b937bf6c69995
1a3a380072c096937a52cb90c066dab063adeb2edf37d74b1571e521733f65ec
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bb33ed1b1cf3a7c80816f7acb4ced11f95e82ae3d1be6b8dd0bf3e726ce1a64
1bc92ddfc5d7de2ed016c4c69b2180991b5eeada35b1c0faca7bf66cd64dc9bd
1bd5dabc4e8e00076f6bc7c2fa9902b27d32af31dc3094087f178e74df218c95
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb
1dd45e485598f5208a4054697253d9aa0e864526e88d5279bdd5cbc41a8030a0
1e496ce04d71bc3bcd3dbc7857b1716b5c1092886b8bc918b384ad702866c07b
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
209144720915b26b1ba9d40bcd57bbbc3e85dfeb8033c23f483047e91c910efe
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
22c575f163d6a9fd81f2fced40f7d9b6cfb165b78e1cfb92fc8df3a73ce9349f
230e75f246a0963a4a50f5d569d35a5d61fc911f0813c1789617dee5f8e3b381
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
23c7a4aa75358f52cc68c676f0bbf04160f30519e226154baf4dacf42486b809
23c9e469b02fc58673c60810e43fae54ccfa7adb40d7e3e9ca0f5e46f49d7422
24262dba5f8026f351bf575146c539e9a0be62ed97e3e92834734b78ebddf55d
24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19
2956d2a17c9d63172d107c53fe3c7ce221ac3e9804726f62c53822dc33c14089
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5
2aff5d5ca5f97e1548d66143a56986761144ee8ac7b427ac167fb6e42e314a96
2b80a8df58622ebb1f869e72d9b76d56e82eea4a34e082f720494661e111ed9f
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dc0b929a0df6ae31b0b78e89ecf467fd7667a362242f084f8462d65d1a5fa01
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e16af1174a94ddfda847bcf35f683e898eb3f2b39b6852fbde88140f192d503
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
30298a7355d1e6c5d1e66cb94dded7de551cbc5fd73537424caadb597379bd03
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
4280a80ca628156ee5dadc954d54bb73f465db891e63bcdaaa9ad40022f58982
4351466777b336b6ddbc423a48543fd869acac70ba47f2142461cd4ec67f8894
43589efbbb838f13a86301f0e06f5f3b6eac8fd4eab6176c3b7207726b0491ad
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ccb0215c374a045b198ec68b07283154c9f0d547f23b40642771f26d5bcda7
47699d74cbc64fab57d41f8263d945de97320e0e64658e2093abf061c1975802
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c188781ed45684ad88eaab658950fc725d584df86276cbcd55602e92d9cde9f
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4de0eee74e514aa29dd5616c4627b5a5b75eccf3b87e8caa2da1afd6460d6f25
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f05a8b84787d2326b021102a13be8c6caae7d14dc9935b5b57dd00c36f4b287
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
507a9f376dfa7ad48d864182db28f05da52f796c16cc0291fbea9291713a931f
50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f
5240d437390c9153b67f20b40405508295aa481205ff2808991c10719ac45b55
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5540e67dc4ecb146241ad1fbf5219c104d8defd56d79b859f567d11e5fc19650
556320446677740f6ff2e7aab81f4d75e32998a2f5b6c2f7766fbdf398faaa41
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ecfbda6cc065e29f35167304c3fa56b28a06a147c6a043344b111ba4f60f71
59fea1913aa560263c77df5e4f9232b16b26a5528d74dbc15096567513921509
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a
5c10077637b6f89662fa6fdddd71f62795d1b2666a5920d8245ee828ca2355e8
5df083d482ffe8106175a2613d36a8bf8294c0f3f95584eab9fed846828cffc1
5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9
5e05ffe6fc613dd834356726d82f8bdd391db328d93e3271ed736604baa7f774
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564
653052a4cb75b31383efc7ca5448cafcb6d67dc9082356f311b597055a80add2
6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
6a7a5d4880da094eecc92162547af4f043c0787e82d15acdad4c361ec2cbca1f
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab2e352cfe86cfdd8fb22f2ae29e01ddb6620875c447815b49878f4a1742303
6b9b64423c01c2a2f45b85c118d41382e9fa6cb4f1108fc599fe86c8a61bcf7f
6c08ba51b94d20c9a5a2b6c2e776f22b3754d9272252d514118c7ce5ebada2ec
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29
74aa6309019c092ba8f296910376b27b4b5b10a1dc0df0120b9ed7cacc696d57
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a68ecd6959d69d72a7009ade4039b100f1d1a929fa16917530b65ef15a2176d
7ab5ebf479a3bc31f6eefd301a5d66b04aedc64efbf6715dbbcfa0d700d7106c
7bb012c687f4e38f9edbfc14fd7ec2f5a0840b484c1502374106af036773f5bf
7bd1455aad3de557a37e6f8cdf433113d3117bdeff1e909326542461918668f0
7c1c68f9a44bdd481acb64b7a808c36d872f94aa23379df9434c0d05be1bf6cf
7caf1116c3bc0eaa5621eee17963a717177553c68cce31ba7422a81d2d3fea6d
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8308b026bb9efe76c7be488233788903523d937570cacf353cb597267a77b3b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
85f22f476468816239f306942be872c6b388ee104419ee6ffe3102a31d4ebc95
870316922190e591389d2030dae15b82d4c571068a3fd167a20b757648f7d770
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
891d91561eb4ec2f07950731425b4edfb16143cad18f143fbf710d9f4ccddfaf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac4716a4096a6d64dfe4be46d216b50bbe1abf1de72454c1c59661ec0e4ce9a
8babda5f5618afa1eb4f87730609530205f243eae55dbca64e34fc42b4d36227
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8d9ceee6253b0c02a4dde8022cc5ced8fbcbd0e08aae3219472adadccff3bdf1
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
90566fd23b25f6f1903bcc02d2fdc964ba46dae90d117f63dd45404dddbb33f0
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec
95eeb57333d63ece6c9cb91d828cdbeec2fcf18962e6c81f41ada46670d2a228
96e567bbf817356289ebcf9dd841f7f96a2961bd110996a21d9f36298977341c
988b83ee1fe44c20e785b2e6cdac18ca31e83268c82a85ab92ac4fcca73230b1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b58d73b8fdbe6625279db3f09f458e6339a2bf4ac038e4c2746569cf5fbcb8f
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bc235beffc47c62a2ea003f6eb443faf8153d612c9026dc67321f083c2010a4
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cb046405aa259db5df73b27a363ce4c8ab963ab135c644d7e4a73fb50c2dce
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1ddb96fb74f03564fcc5cd558ac7817297de52876984edeb9b1e1955d5c81e5
a21ff431c57e3529b913f6fd452ceecd9303328f3154ba5282de83fdf3aba1c7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5f570f7b0bbfbdceb719e763fc857c874ed2b473bae723187d2655d6274eee9
a63ef532b19dfc2ecafafa836e484a18eb590d7ec8a04a4e74bb7822394752d6
a64ab350ce88ba56f08dcb13496048b771a519929088bf257003d55a27e48bfa
a6567a73843ae1d2c0838c75d75bece7ce7dda4b13139d8d2446a7e0d0703a76
a6d74ef47401cfdb2a9e33dc592951044b2834eaef0b0c1d5ad5c68e0176722f
a78d2b81ddebb047852a17a05ea8cb05ab57d805febbd271833d14c82709c8fa
a7a99468164de8d1c4ab15148aa8a91c94e83650e03afe9001d7a16a26744270
ab7bf0e3b2173a1cd69290af67819c38eaf2e4a425863538e092d08e97bfccee
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad07c35ef09057e4b1a713b6952ba5c0987dc2d06866d242c90c40d230fee099
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ad733b54fca6f8bd4d92d7f39b1dde90447eab356325b76565ed8fd613bab568
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b01debabf93d1b97756945c1a1ea5a8f1a4cb48fbe8ec4749eee0c674a843e4a
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2450e916d1c60cdbe33c0d3ac96b607c4193c3223b93bbb0bb9844ff37c14ea
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
b407a035f634ba58a48d7c4d71ff2ea9ef17d046006afb29d2800fc0c853a587
b49205aa129e1c42ff0d1bc2fb22ecdc59c81f9239a30a65a600e98774380764
b553f99621aeca6a8cfc98c6b112a908ee3c9d28522edb4c85f05745871ec40f
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
b6cda99a2e49ed21d93f7dc2187782b96a710057612e53360d75df23e3bf39e7
b6d2d8833649ea99ca5ffecfea5dd1b653d1a0ce492ada5fb3d41770f69b60d7
b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd62fdb47c5864853af3824151c917e6bdab6a93a801df8fb717a02748886596
bdc8a06c16917dfbaf15530df7d06f0112e965ffcc010d19a4dc6a1f5ba17dee
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
c126411169021a699eb16ebddcbb12f53fcb9a66007c85b474f81d77c6dd9aa4
c1cfbcab9eb53292b09938408ff7192883b80567fc4e5af91522e6d14dbb1aa1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2cf236896851779b906e821917f1fc6332e8add1a94fdd2aaa2e8ee134a7bab
c35c9bde0df8a5cc38d417b76206931ae3bb947f61a53e0a633d4b614a272d25
c3e4328baf0470ad0176cacf1314925f6c7c69bc135c8b0f57e2215504c57d76
c4b2d9744f1a6158d73c49aee516c3582d23d84f00ae61c9dc2e7d21f911657a
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809
c6f8f2872d528851736bcf402909630869818b03463f47db33f9b7cd22c41ab4
c79d82bc0a6edf1dadbf329a8c1f83b464693eb42d829dad0e94593a7a94d392
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
c9c20ad719fffd1081503dc6f75fc700b3c296ce6e65354e3767b21377d82aa9
ca963bbedddee6c845e30c5b8221624caf8559c395a104fb6843161ee27d7840
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14
cd0111f7173845ab14f9e42c54c15237c70e6af9041128c7f69b9f9f1b81e7d8
ce4bc94a80921be3891ffd3ae8ea6a3c7dff1cbf00c449221f34c56dc2e5e235
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d47993a0cde3864e7e53cb9a1990bf65e7e23c2e32d1c31253e8dbe86f71c871
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
d9be178e731c95970a3ab71d6919e427c4dcd90a325e21bbfcd64543f94cc487
d9ced92ea7270ef77ae75fc7ebcd29e47c4da614b17c1c1a320835472adce0a0
da4d7f5489f9f67f3775a3fd6d5aaa07fff58cb1b992c5d41ea19fe133eaf4a4
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3
dc95e37e25aa907eff30792481ecd423daef24262399e6af31e17d96a23c6345
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e1a88c045dd83d86979e0bf84f2164a847c0305830c9f9d8c79f757f7e7b5dd0
e1b3c84a38074c64ee80ca535929f5593d556a0174108bf3ff6f36ab44da0c22
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55f17bedfb25e6b13645138dfd163e644ab147fecd04694a37b6caa95ea3dce
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e589f795c86643dd2008f9004612958912912d04e7da5284b4dc61703c76e25d
e6e7fba5e94ed4bc947fb9bcd59213a5a979507c8ed51ec38b89b0ddc90a5af2
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e98a06f7a4525a9e890b43356067a04ed2341d610e9fac8423877ef5171f4090
e9c94518cc2164abb6d888be62f2d36fe7b84346354f245ae1342b288a25af11
eabde1ac92a155ccf5ae2e54dc45fab5322e5a3acb3685761349c2c5773ed248
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec47ad54d1b82002bbc9f80233d898e1093a9223028dd4796f7f4933406ec476
ecb0cb2ba814de371fe19a5037a36936b0174978ce3777954ea00493a81beeca
ee1f34fada53e4013c51d0d105500256f5d1424cffe5e751f868e5138313e9e4
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085
ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
f333d0f522ba8ca868c8aefc91b50fd3b48de2243629ba9f3326851ccf94b270
f3e34ec3a6ca44100a8ecfb22d0fd2491f15b748c8f7fb44e2091e249f890477
f463a32201372b5e611f4902ac7122165572108c713c5618723d8a62eefba8d5
f4ad06567ba4c72d0292661aaf1f5eb63c6d684490cb66db2b5607ac660e2ac7
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f6577f793fa7c9f30b69b782ab92dd50481ac5ac984931a87e7f976305e878bc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8b78bc2955a4afc4137abe355f4c3c8818c671fcc0737cba34d2abd9162fc9d
fbc3eaaf53c12129fbddb7a0c98f5cd960439f1f1346b6966b8c4a66c84afedb
fd1cc9b9926b799ac9ca6390e14fb75ace49b8561ce5769305a0b63418176ebe
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64
ff203ebb7d641cb6a60a22a06c998c92f91026a2f377bfb3814ba1a2555e03cd
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
ffb43160d06e6bd7b0cc095deb335cc35130c2d933ca1215cc26992ac2d42a35