horoscope.thsamsungcampaign.com Open in urlscan Pro
45.223.20.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C7...
Submission: On November 20 via manual (November 20th 2024, 10:27:54 am UTC) from IN — Scanned from DE

Summary HTTP 86 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 86 HTTP transactions. The main IP is 45.223.20.60, located in United States and belongs to INCAPSULA, US. The main domain is horoscope.thsamsungcampaign.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on September 19th 2024. Valid for: 6 months.

This is the only time horoscope.thsamsungcampaign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	45.223.20.60 45.223.20.60	19551 (INCAPSULA) (INCAPSULA)
2 4	2606:4700:20:... 2606:4700:20::681a:acb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
6	20.150.28.132 20.150.28.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1	46.137.25.195 46.137.25.195	16509 (AMAZON-02) (AMAZON-02)
1 2	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
6	104.126.37.185 104.126.37.185	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	54.154.143.167 54.154.143.167	16509 (AMAZON-02) (AMAZON-02)
86	18

52 45.223.20.60 (United States)

ASN19551 (INCAPSULA, US)

horoscope.thsamsungcampaign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:acb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

npmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:f8cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.150.28.132 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

thcontentstorageacctprd.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.25.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-25-195.eu-west-1.compute.amazonaws.com

samsungthailand.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

smetrics.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.37.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a104-126-37-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.143.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-143-167.eu-west-1.compute.amazonaws.com

samsungthailand.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	thsamsungcampaign.com horoscope.thsamsungcampaign.com	5 MB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	140 KB
6	windows.net thcontentstorageacctprd.blob.core.windows.net	1 MB
6	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 740	31 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	995 B
4	npmcdn.com 2 redirects npmcdn.com — Cisco Umbrella Rank: 29534	23 KB
2	samsung.com 1 redirects smetrics.samsung.com — Cisco Umbrella Rank: 17977	2 KB
2	demdex.net samsungthailand.demdex.net	922 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	564 B
1	gstatic.com www.gstatic.com	218 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
86	15

	Domain	Requested by
52	horoscope.thsamsungcampaign.com	horoscope.thsamsungcampaign.com
6	analytics.tiktok.com	horoscope.thsamsungcampaign.com analytics.tiktok.com
6	thcontentstorageacctprd.blob.core.windows.net	horoscope.thsamsungcampaign.com
6	unpkg.com	2 redirects horoscope.thsamsungcampaign.com
4	npmcdn.com	2 redirects horoscope.thsamsungcampaign.com
2	smetrics.samsung.com	1 redirects horoscope.thsamsungcampaign.com
2	samsungthailand.demdex.net	horoscope.thsamsungcampaign.com
2	www.facebook.com	horoscope.thsamsungcampaign.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	horoscope.thsamsungcampaign.com connect.facebook.net
2	www.google.com	horoscope.thsamsungcampaign.com www.gstatic.com
1	www.google.de	horoscope.thsamsungcampaign.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	horoscope.thsamsungcampaign.com
1	cdnjs.cloudflare.com	horoscope.thsamsungcampaign.com
86	16

This site contains links to these domains. Also see Links.

Domain
www.samsung.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-19` - `2025-03-18`	6 months	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-28` - `2025-04-26`	6 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Frame ID: D79597D479F111658C7567CEA1ADDF2F
Requests: 86 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqvxIpAAAAADFptU4wMSI5ue6ZFZt8AsY45XIg&co=aHR0cHM6Ly9ob3Jvc2NvcGUudGhzYW1zdW5nY2FtcGFpZ24uY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=z31p2zjlq3kv
Frame ID: 276C6951486BFA260DF8D3F1D465AE6A
Requests: 1 HTTP requests in this frame

Frame: https://samsungthailand.demdex.net/dest5.html?d_nsid=0
Frame ID: 99A9E845377EF7F89D214F4D5A221AFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Horoscope Samsung

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

86
Requests

94 %
HTTPS

29 %
IPv6

15
Domains

16
Subdomains

18
IPs

6
Countries

7282 kB
Transfer

9738 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.samsung.com/th/info/privacy/
Title: นโยบายความเป็นส่วนตัวของ SAMSUNG

Search URL Search Domain Scan URL

URL: https://www.samsung.com/th/info/privacy
Title: https://www.samsung.com/th/info/privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://npmcdn.com/flatpickr/dist/flatpickr.min.js HTTP 302
https://npmcdn.com/flatpickr@4.6.13/dist/flatpickr.min.js

Request Chain 5

https://npmcdn.com/flatpickr/dist/l10n/th.js HTTP 302
https://npmcdn.com/flatpickr@4.6.13/dist/l10n/th.js

Request Chain 7

https://unpkg.com/flickity@2/dist/flickity.min.css HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

Request Chain 8

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Request Chain 75

https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fid=54B257BD2BDF17E7-20DA259D7067FC58&ce=UTF-8&pageName=th%3Acampaign%3Ahoroscope%3Ahoro&g=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHAN&cc=THB&ch=th%3Acampaign&v0=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c1=th&v1=th&c2=th%3Acampaign&v2=th%3Acampaign&c3=th%3Acampaign%3Ahoroscope&v3=th%3Acampaign%3Ahoroscope&c4=th%3Acampaign%3Ahoroscope%3Ahoro&v4=th%3Acampaign%3Ahoroscope%3Ahoro&h1=th%3Ecampaign%3Ehoroscope%3Ehoro&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=GMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&p=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B&AQE=1 HTTP 302
https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&pccr=true&vidn=339EDCD1104A5936-400010AF0DDAE6F5&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fid=54B257BD2BDF17E7-20DA259D7067FC58&ce=UTF-8&pageName=th%3Acampaign%3Ahoroscope%3Ahoro&g=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHAN&cc=THB&ch=th%3Acampaign&v0=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c1=th&v1=th&c2=th%3Acampaign&v2=th%3Acampaign&c3=th%3Acampaign%3Ahoroscope&v3=th%3Acampaign%3Ahoroscope&c4=th%3Acampaign%3Ahoroscope%3Ahoro&v4=th%3Acampaign%3Ahoroscope%3Ahoro&h1=th%3Ecampaign%3Ehoroscope%3Ehoro&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=GMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&p=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B&AQE=1

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
horoscope.thsamsungcampaign.com/ 24 KB
7 KB 728ms
663ms Document
text/html 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

253bf11ad6b40697cb55f54bfa0e645fa9be147a0b0ba40da2603e599e283725

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store,no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 20 Nov 2024 10:27:44 GMT
expires: -1
pragma: no-cache,no-cache, must-revalidate
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 12-164771373-164771381 NNNN CT(155 315 0) RT(1732098463145 24) q(0 0 5 2) r(7 7) U24
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.7.1.min.js Show response
horoscope.thsamsungcampaign.com/js/ 85 KB
38 KB 679ms
674ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/jquery-3.7.1.min.js

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771538 NNNN CT(156 331 0) RT(1732098463145 742) q(0 0 5 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa5c52d6d"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 jquery.easing.min.js Show response
horoscope.thsamsungcampaign.com/js/ 3 KB
1 KB 698ms
694ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/jquery.easing.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

804894cc139c08adbd54e0fa8ea3080555a745457df87e9526832245b43fac27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 NNNN CT(166 332 0) RT(1732098463145 746) q(0 0 5 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa5c4746d"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 sweetalert2@11.js Show response
horoscope.thsamsungcampaign.com/js/ 66 KB
23 KB 685ms
681ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/sweetalert2@11.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

870eeff23645feb144771d591dea53e03ef70054c72eefcff64132acd7ac4727

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 NNNN CT(155 330 0) RT(1732098463145 750) q(0 0 5 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65c0852"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 flatpickr.min.css
horoscope.thsamsungcampaign.com/css/ 16 KB
4 KB 184ms
180ms Stylesheet
text/css 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/css/flatpickr.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 738) q(0 0 0 -1) r(2 2) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da37c0baea34a6"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 26 Dec 2023 05:59:47 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2

200

flatpickr.min.js Show response
npmcdn.com/flatpickr@4.6.13/dist/
Redirect Chain

https://npmcdn.com/flatpickr/dist/flatpickr.min.js
https://npmcdn.com/flatpickr@4.6.13/dist/flatpickr.min.js

49 KB
20 KB

21ms
19ms

Script
application/javascript

2606:4700:20::681a:acb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://npmcdn.com/flatpickr@4.6.13/dist/flatpickr.min.js

Requested by

Protocol

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "c5f7-fVv7+SYe2JucqEJIf3pkZJZHRLk"
age: 1068549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXlJ9VzHzblkKN1l0Hex3khIXgeeXOgSuJYBbJwOVoL9qhxEd9HXzhs1fCpBpD5hzvDuUTYcPLW%2BWDMXOiesQA13RCZdsM%2FdXHqZlUFEeae1Cp4CvMxgUIRRwSUpt9BPCyT9rxKsYGU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=12252&sent=9&recv=17&lost=0&retrans=0&sent_bytes=4909&recv_bytes=2343&delivery_rate=329689&cwnd=243&unsent_bytes=0&cid=89a1515f07ebf295&ts=101&x=0"
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JC4PRNZ7RJ5HKFBR6D8R117T-fra
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8e57bfcb3a84dbf3-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

content-encoding: br
cf-cache-status: HIT
age: 109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbwWCsKfCZBcKfE4g8Mh6wWmpMeVqaNI848kWsuE%2FPQFQ5nl90%2FLOWDIxMJ3k59v2GejfQPN18QlekT4EjhwqotdMZ2M0TOgvfRfJeDN9aYIPYqrftBlTrl1yXfExYqYkgWyJqLyXPs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=11223&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4035&recv_bytes=2264&delivery_rate=329689&cwnd=240&unsent_bytes=0&cid=89a1515f07ebf295&ts=77&x=0"
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JD4HPW1NF3Q2NKW1R9QZQHBR-cdg
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, s-maxage=600
location: /flatpickr@4.6.13/dist/flatpickr.min.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8e57bfcb09d4dbf3-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2

200

th.js Show response
npmcdn.com/flatpickr@4.6.13/dist/l10n/
Redirect Chain

https://npmcdn.com/flatpickr/dist/l10n/th.js
https://npmcdn.com/flatpickr@4.6.13/dist/l10n/th.js

2 KB
1 KB

22ms
22ms

Script
application/javascript

2606:4700:20::681a:acb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://npmcdn.com/flatpickr@4.6.13/dist/l10n/th.js

Requested by

Protocol

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d720863a64b19a01fa5c3e7d1004bd89accfdaad5ccff7f3b2d146ef64428df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "8c5-1W2x9q7/QD7eBXhDxONeERNMLjY"
age: 1304481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGRMTef15Iw1YjyLn2tjenb5UNta0pLH%2BwTJ7m6QGSP7QqSHf7qJr2bQXjpeO0ZIDJA%2F3m3aRhfIxiXOUY6LXPawAJjWvhKaQQvtpTXoC6IakyeoBtd7qitWas7VtBj1CaKx2iIrV94%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=8807&sent=31&recv=34&lost=0&retrans=0&sent_bytes=26514&recv_bytes=2418&delivery_rate=2940043&cwnd=244&unsent_bytes=0&cid=89a1515f07ebf295&ts=901&x=0"
date: Wed, 20 Nov 2024 10:27:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBXNRKQF628WSVY0GC1ZBYQC-fra
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8e57bfd03dd5dbf3-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66RR5WRjyhbhu4vB%2FsfcZWfol6zwoCOpc%2F2mO5OPnbDHzz6BdShD%2FWMIKf%2FzvIQMVjVDObNlAQvgEHKHAsZip%2BCb5ZEThr3%2BGsjKg0X1LKZsxbkj75I5c8uB93JsD35io06b8RUM%2Br0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=9079&sent=29&recv=31&lost=0&retrans=0&sent_bytes=25886&recv_bytes=2343&delivery_rate=2940043&cwnd=244&unsent_bytes=0&cid=89a1515f07ebf295&ts=880&x=0"
date: Wed, 20 Nov 2024 10:27:45 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JD4HT6QW24P4NXX4NH4CFQFJ-cdg
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, s-maxage=600
location: /flatpickr@4.6.13/dist/l10n/th.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8e57bfcb09d7dbf3-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 moment-with-locales.js Show response
horoscope.thsamsungcampaign.com/js/ 607 KB
149 KB 685ms
682ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/moment-with-locales.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f37cad4429c2815e53699ca98abd4e8773737f696fff554c63a58f4d6589200b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 NNNN CT(157 332 0) RT(1732098463145 755) q(0 0 4 -1) r(6 6) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65472dd"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2

200

flickity.min.css
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.min.css
https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

2 KB
891 B

21ms
20ms

Stylesheet
text/css

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

Requested by

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "705-iG4rBnn9uZ8eW5XLtZHjveGiMLs"
age: 1239603
x-content-type-options: nosniff
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBZKMH471WCHVPNE5EST4D05-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e57bfcb3f1fd2ae-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /flickity@2.3.0/dist/flickity.min.css
content-encoding: br
cf-cache-status: HIT
age: 538
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e57bfcb0eb0d2ae-FRA
access-control-allow-origin: *
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JD4H9RYD19KJTJNQG5JPY947-ams
server: cloudflare

GET
H2

200

flickity.pkgd.min.js Show response
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

56 KB
19 KB

22ms
21ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Requested by

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
age: 721608
x-content-type-options: nosniff
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JCF1MEW79W9J4DMHKZCGJZMF-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e57bfcb3f1ad2ae-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /flickity@2.3.0/dist/flickity.pkgd.min.js
content-encoding: br
cf-cache-status: HIT
age: 411
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e57bfcb0eb8d2ae-FRA
access-control-allow-origin: *
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JD4HDM9736YAR5MWVGYKBCWV-ams
server: cloudflare

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
4 KB 122ms
25ms Stylesheet
text/css 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age: 895901
x-content-type-options: nosniff
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01JC9VDFMDFC0ZWG2XV3RYERAQ-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e57bfcb0eb7d2ae-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
6 KB 125ms
28ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
age: 1919908
x-content-type-options: nosniff
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01JBBAV7AD22DBN9EEMHBV2E0S-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e57bfcb0ebbd2ae-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 107ms
36ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f5628a2-11846"
age: 62617
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzcjfEvkn9ye3e%2F7iprC1DmBPgEYRIWLx%2F%2FOrpA%2B9BscugoqrXNVdxNJokfdwERnUePc0twJH7C%2FYD7nb%2BHOeVqhwhBUEzel9TI5qCG2gaiAe2J3Lafjlq%2Bc78iHO9JpPswEIsfu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 10:27:44 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 10:27:44 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e57bfcaed749bf5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4216
server: cloudflare

GET
H2 200 bootstrap.min.css
horoscope.thsamsungcampaign.com/css/ 227 KB
47 KB 684ms
682ms Stylesheet
text/css 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 NNNN CT(156 333 0) RT(1732098463145 759) q(0 0 4 -1) r(6 6) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da37c0bae98674"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 26 Dec 2023 05:59:47 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 loading.css
horoscope.thsamsungcampaign.com/css/ 3 KB
919 B 336ms
334ms Stylesheet
text/css 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/css/loading.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b002b0493bccdaf7ca15ed97a834c0ebe24ae3c3fc02aaad572730f5cc4b933e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 762) q(0 1 1 -1) r(3 3) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da37c0baea00e2"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 26 Dec 2023 05:59:47 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 site.css
horoscope.thsamsungcampaign.com/css/ 38 KB
13 KB 508ms
506ms Stylesheet
text/css 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/css/site.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3eafcaf8e4f0e8a4891097c230e8bcbd4bef7e6f9c58f7629bf6934f53461a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 764) q(0 3 3 -1) r(4 4) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da37c0baea9dc2"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 26 Dec 2023 05:59:47 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 validate.js Show response
horoscope.thsamsungcampaign.com/js/ 5 KB
2 KB 707ms
706ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bb4b2423fc6cd59461e367faaf86d64eb37bc569f15fcc3151f10156fb08b34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 766) q(0 5 5 -1) r(6 6) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65d1a3c"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 script.js Show response
horoscope.thsamsungcampaign.com/js/ 7 KB
3 KB 850ms
849ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

02776fd0ab12ad5515a684087b7212bd96f52f76ae88acb4bc1e23c0dfff0652

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 768) q(0 6 6 -1) r(8 8) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65d1248"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 script.js Show response
horoscope.thsamsungcampaign.com/asset/js/ 0
259 B 873ms
872ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/asset/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 770) q(0 6 6 -1) r(8 8) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da236cab67d600"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:44 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 30 Nov 2023 09:07:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
108 KB 126ms
37ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MXCGTXGPFQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87c0ca46fc55ecdcde7d81a5081f1413ac27d22047d549de6abb77261c920431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 10:27:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 10:27:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110251
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bg-result.webp
horoscope.thsamsungcampaign.com/images/ 2 MB
2 MB 1017ms
1015ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-result.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

41c7093e60737986d293afca47090d94593d0b646e586a910721599cb98e29b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771538 PNNN RT(1732098463145 773) q(0 7 7 -1) r(9 9) U24
cache-control: no-cache, no-store
etag: "1da236ca986de42"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1625282
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bg-result-m.webp
horoscope.thsamsungcampaign.com/images/ 948 KB
950 KB 1017ms
1016ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-result-m.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d3e578a41ff09b569076ad1b0c8865088984fe768d7de7a5ed08077ad7f2c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 776) q(0 8 8 -1) r(9 9) U24
cache-control: no-cache, no-store
etag: "1da236ca990c28a"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 970762
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 logo-ss-tag.png
horoscope.thsamsungcampaign.com/images/ 4 KB
4 KB 223ms
181ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/logo-ss-tag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

73fc8683b50c56071f5aa2abff76a21f63f6f6d0b5ed5cca92e26e9951ac709b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2123) q(0 0 0 -1) r(2 2) U24
cache-control: no-cache, no-store
etag: "1da236caa36a729"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3625
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 logo-ss-tag-m.png
horoscope.thsamsungcampaign.com/images/ 3 KB
3 KB 248ms
207ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/logo-ss-tag-m.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9a5e374a744ab7a2ea8c03831d99f7a27775f817f5c7e8e6d04290c74c49b409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 2128) q(0 0 0 -1) r(2 2) U24
cache-control: no-cache, no-store
etag: "1da236caa36a2ec"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3052
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK c35a90af-7a3a-4be9-a2aa-9217c1102e5c.jpg
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 246 KB
247 KB 965ms
391ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/c35a90af-7a3a-4be9-a2aa-9217c1102e5c.jpg
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d30b7cbd84a71056bf8488a3f42b9e8ad730fa1fcb980402efafb474cff21f17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: mfj9Il2MRBnZj5dBZjFDWQ==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF98ACFA2C424
x-ms-request-id: 23fcd9b1-c01e-001b-3f36-3b190e000000
Access-Control-Allow-Origin: *
Content-Length: 251997
Date: Wed, 20 Nov 2024 10:27:45 GMT
Content-Type: application/octet-stream
Last-Modified: Thu, 31 Oct 2024 09:02:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H/1.1 200
OK f964b735-2136-4a4e-bef6-5f93b94484d2.jpg
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 350 KB
351 KB 1037ms
461ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/f964b735-2136-4a4e-bef6-5f93b94484d2.jpg
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c01407b6025b4664b79f8757916918aacc838df697d78fbab3c68a957699e266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: ur0chFnIb5GOCdfutVrCEQ==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF98AD64C3059
x-ms-request-id: e74dc138-701e-0009-3f36-3b2d12000000
Access-Control-Allow-Origin: *
Content-Length: 358362
Date: Wed, 20 Nov 2024 10:27:46 GMT
Content-Type: application/octet-stream
Last-Modified: Thu, 31 Oct 2024 09:03:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 bt-submit-h.png
horoscope.thsamsungcampaign.com/images/ 25 KB
25 KB 711ms
674ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bt-submit-h.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c13f35350d89f198305b39ae1fff077cd107bc85ab969146141184d6aefe578c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2143) q(0 2 2 -1) r(7 7) U24
cache-control: no-cache, no-store
etag: "1da236ca99e7112"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 25490
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bt-submit.png
horoscope.thsamsungcampaign.com/images/ 26 KB
26 KB 1013ms
976ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bt-submit.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a641d5e74a1a8fceb6211f7a8c740baffd5d167183afedde4939b7c3e181508b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2146) q(0 8 8 -1) r(9 9) U24
cache-control: no-cache, no-store
etag: "1da236ca99e7baa"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 26922
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bg-form-min.webp
horoscope.thsamsungcampaign.com/images/ 306 KB
307 KB 1198ms
1161ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-form-min.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d071757b10e663952861e4a398724237f737ceae7568a3cfb2dd154d86d175f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2151) q(0 9 9 -1) r(9 11) U24
cache-control: no-cache, no-store
etag: "1da236ca99ad57a"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 313338
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bg-form-min-m.webp
horoscope.thsamsungcampaign.com/images/ 194 KB
194 KB 1197ms
1160ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-form-min-m.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

479334552f387a7bb4a5dc3ea99804bb080a74a735c5091d268eddabefe71c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2161) q(0 8 8 -1) r(8 10) U24
cache-control: no-cache, no-store
etag: "1da236ca99d15a0"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 198432
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bg-scroll.webp
horoscope.thsamsungcampaign.com/images/ 300 KB
301 KB 1196ms
1161ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-scroll.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b108fc5efdc966a4537021664d0e80e89f43536a88ac6b283ba36729de08d990

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 2166) q(0 8 8 -1) r(8 10) U24
cache-control: no-cache, no-store
etag: "1da236ca99abd66"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 307174
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bg-scroll-m.webp
horoscope.thsamsungcampaign.com/images/ 27 KB
27 KB 1304ms
1269ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-scroll-m.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4502ae68ec36f868fd1dbb89507a248452ec353061181fe7dee91edb4b5533dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2169) q(0 9 9 -1) r(11 11) U24
cache-control: no-cache, no-store
etag: "1da236ca99e7e28"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 27816
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 horo-result.png
horoscope.thsamsungcampaign.com/asset/image/ 68 KB
69 KB 1303ms
1270ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/horo-result.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

608e5f39ad9f500c1bce60acfdbc5e77b27d51d477836e6ff144fa67f6c81983

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 2176) q(0 9 9 -1) r(10 11) U24
cache-control: no-cache, no-store
etag: "1da236cab66c71c"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 69916
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:40 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 tab-month-active.png
horoscope.thsamsungcampaign.com/images/ 22 KB
22 KB 1483ms
1451ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/tab-month-active.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4859c19a21539bcc4001510489c1bd0b830cdc4e6bccd96a15349145f096f0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2184) q(0 12 12 -1) r(13 13) U24
cache-control: no-cache, no-store
etag: "1da236caa36f022"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 22818
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 tab-month.png
horoscope.thsamsungcampaign.com/images/ 5 KB
5 KB 1548ms
1516ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/tab-month.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

47d01d856738d2fcdecfabbed52ff44769967a89e735313df23ede16eca5de24

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 2196) q(0 12 12 -1) r(14 14) U24
cache-control: no-cache, no-store
etag: "1da236caa36bc42"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5442
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 tab-tel-active.png
horoscope.thsamsungcampaign.com/images/ 21 KB
21 KB 1637ms
1603ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/tab-tel-active.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ea3710e2f0e19019ec2281cd2bee32a8d03dfacbc2d15dab826a84371eac5be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2211) q(0 13 13 -1) r(15 15) U24
cache-control: no-cache, no-store
etag: "1da236caa36fdb0"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 21680
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 tab-tel.png
horoscope.thsamsungcampaign.com/images/ 6 KB
6 KB 1639ms
1606ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/tab-tel.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

74e52975f68258b60c9f489d3f0600c111b049182a099a28f61e42b02b432c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2219) q(0 14 14 -1) r(15 15) U24
cache-control: no-cache, no-store
etag: "1da236caa36b191"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6289
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 box-work.png
horoscope.thsamsungcampaign.com/asset/image/ 11 KB
11 KB 1649ms
1616ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/box-work.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f5ccdbe6b12143fb32ad8f4c9962d97aa01c9ddbf15230b9f291e03bd74b8f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2232) q(0 14 14 -1) r(15 15) U24
cache-control: no-cache, no-store
etag: "1da236caacf13c0"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 11328
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 detail-footer.png
horoscope.thsamsungcampaign.com/asset/image/ 2 KB
2 KB 1698ms
1665ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/detail-footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

475652188ab1d7b0212d6b0415ac535816c720940337e3323f32a93f498cd948

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 2253) q(0 14 14 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236caacf36bd"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2365
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 box-money.png
horoscope.thsamsungcampaign.com/asset/image/ 13 KB
13 KB 1698ms
1665ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/box-money.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3db3d104a5e03f37a0a923cb691c0c11d5df6b125933f915b829549c8c1c6e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771538 PNNN RT(1732098463145 2278) q(0 13 13 -1) r(15 15) U24
cache-control: no-cache, no-store
etag: "1da236caacf0da1"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12833
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 box-love.png
horoscope.thsamsungcampaign.com/asset/image/ 11 KB
11 KB 1777ms
1745ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/box-love.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a7d76bded6381578e69225cda26c75fda0e7500eaf682abda5623eafc6c036ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2283) q(0 14 14 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236caacf145a"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 11226
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 box-health.png
horoscope.thsamsungcampaign.com/asset/image/ 12 KB
12 KB 1789ms
1761ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/box-health.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d841917b396190cde0e03eddd5dcea88a0cf5335bc8abbd5a9d29f27612ee5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2296) q(0 14 14 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236caacf0fb6"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12342
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 title-wallpaper.png
horoscope.thsamsungcampaign.com/images/ 93 KB
93 KB 1811ms
1782ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/title-wallpaper.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8fa54e96c25d579b8781cb34d50ec8b02849e06cec10277507200ad08d6a0ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2301) q(0 14 14 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236caa37db84"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 94852
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 title-wallpaper-m.png
horoscope.thsamsungcampaign.com/images/ 156 KB
156 KB 1849ms
1821ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/title-wallpaper-m.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2cd1c2f440b615492ec7208d3ffdd1b9553558dbc273ec1ac926490e255243da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 2306) q(0 15 15 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236caa34c6c5"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 159685
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:38 GMT
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK cb4e9a4d-0986-4da8-874b-cdc2c1766a6f.png
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 141 KB
142 KB 1185ms
195ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/cb4e9a4d-0986-4da8-874b-cdc2c1766a6f.png
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7199c1feb5e8c517eca9e038f30cf61b8674129fa3e7736c5619b66fb14d3c64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: gck1QFmjtgEaQ0GfdjOdlQ==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF8C0466BD5E0
x-ms-request-id: 7de336c4-601e-0070-7536-3b4458000000
Access-Control-Allow-Origin: *
Content-Length: 144406
Date: Wed, 20 Nov 2024 10:27:46 GMT
Content-Type: application/octet-stream
Last-Modified: Wed, 30 Oct 2024 08:53:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H/1.1 200
OK 3070cbeb-9eb1-4c57-8965-f21812a735cd.png
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 247 KB
248 KB 1358ms
368ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/3070cbeb-9eb1-4c57-8965-f21812a735cd.png
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 876175e1aebe3c7a0d0e18c32ef8fbc4552223a50a9117c8b44f40c0f8acde4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: 7g4lWOzNABfXeL4OkJXNYQ==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF8C04ADC875C
x-ms-request-id: 756b0443-b01e-003d-5c36-3b82ba000000
Access-Control-Allow-Origin: *
Content-Length: 253161
Date: Wed, 20 Nov 2024 10:27:46 GMT
Content-Type: application/octet-stream
Last-Modified: Wed, 30 Oct 2024 08:53:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H/1.1 200
OK de22d8db-e5ce-473d-b979-f552d08f4d06.png
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 141 KB
141 KB 1596ms
348ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/de22d8db-e5ce-473d-b979-f552d08f4d06.png
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9cae3bc34cdcf1bc9339e5208a18f8e6916680e0dc4da4b5fc4087a647e545f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: PYAlUJVaGnTsWTWphBVCjg==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF8C042921CC0
x-ms-request-id: f61e67d9-101e-0074-1836-3bb1da000000
Access-Control-Allow-Origin: *
Content-Length: 143989
Date: Wed, 20 Nov 2024 10:27:46 GMT
Content-Type: application/octet-stream
Last-Modified: Wed, 30 Oct 2024 08:53:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 bt-dl.png
horoscope.thsamsungcampaign.com/images/ 6 KB
6 KB 1849ms
1822ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bt-dl.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9044f044927545aa87881840112b42f349a3dec6a61333cd935c8c179c1837ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771538 PNNN RT(1732098463145 2312) q(0 15 15 -1) r(16 16) U24
cache-control: no-cache, no-store
etag: "1da236ca99e0577"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6135
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 facebook.png
horoscope.thsamsungcampaign.com/asset/image/ 1 KB
1 KB 1901ms
1874ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/facebook.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85a909116a0fa19e898f1fe6295d39b0858cd16b74e5df309dc37bafa7056d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 2320) q(0 15 15 -1) r(17 17) U24
cache-control: no-cache, no-store
etag: "1da236caacf3a8b"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1291
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 twitter.png
horoscope.thsamsungcampaign.com/asset/image/ 2 KB
2 KB 1931ms
1904ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/twitter.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4278db219d9bbb40cf09c5ceaafedf84dbf3db9acc821b796134825dacffd2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2327) q(0 16 16 -1) r(17 17) U24
cache-control: no-cache, no-store
etag: "1da236cab67d02c"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1580
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:40 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 line.png
horoscope.thsamsungcampaign.com/asset/image/ 2 KB
2 KB 1943ms
1917ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/line.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2492121fb989f86328553fcd698c99accdea04263a819acda4e0e6c733bd177e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2333) q(0 16 16 -1) r(17 17) U24
cache-control: no-cache, no-store
etag: "1da236cab67de3e"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2110
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:40 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 copy-link.png
horoscope.thsamsungcampaign.com/asset/image/ 2 KB
2 KB 1979ms
1952ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/copy-link.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5f1f022911fe6550dc0b53f5e40b5c9dcfadb8dff477c89a2fba77eae8d5a167

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2338) q(0 16 16 -1) r(18 18) U24
cache-control: no-cache, no-store
etag: "1da236caacf3794"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2068
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bt-mail.png
horoscope.thsamsungcampaign.com/asset/image/ 6 KB
7 KB 2001ms
1978ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/bt-mail.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

90c6dff516c275d88db6862f3331601263731ca5a850b6add1fc64dcfa4a2ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771538 PNNN RT(1732098463145 2343) q(0 16 16 -1) r(18 18) U24
cache-control: no-cache, no-store
etag: "1da236caacf2634"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6580
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
995 B 119ms
78ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeqvxIpAAAAADFptU4wMSI5ue6ZFZt8AsY45XIg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

ESF /

Resource Hash

d38676ab4664d1f7fbfec4396eecfb5dc2d456cf1bde0e57b383f7884ec48b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 10:27:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 site.js Show response
horoscope.thsamsungcampaign.com/js/ 16 KB
5 KB 251ms
211ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/site.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2062f8442701be5b66eb20cc513c3e83d83e4e019b9609b1b1d5efed5f309041

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771540 PNNN RT(1732098463145 2131) q(0 0 0 -1) r(2 2) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1db1af5c3b0d1bb"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 09:21:19 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 site-2.js Show response
horoscope.thsamsungcampaign.com/js/ 2 KB
933 B 251ms
211ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/site-2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

878d325ae0dcb52ad3a77cc3d2b3547cbfae81574e6378757a2aeae93341679f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2135) q(0 0 0 -1) r(2 2) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65d0850"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 utility.js Show response
horoscope.thsamsungcampaign.com/js/ 3 KB
2 KB 713ms
673ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/utility.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c29b18b11fa6b6cbb1a1026a99e2ca27b79b3df4e199dec6488baf05f4dafa63

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 2137) q(0 2 2 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65d03a4"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 s_code_microsite.js Show response
horoscope.thsamsungcampaign.com/js/ 97 KB
43 KB 712ms
673ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/s_code_microsite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

00e99c57e84d7250df61c548407ed1215f515c0f8bd666e2beb9f8243fb8fe6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771544 PNNN RT(1732098463145 2139) q(0 2 2 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65c8dc4"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 s_code_click.js Show response
horoscope.thsamsungcampaign.com/js/ 303 B
389 B 712ms
674ms Script
text/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/js/s_code_click.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

35baa778b9635cf3732c7e52693d553867bd86fb2fe171754da1c94cd46f27ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2141) q(0 2 2 -1) r(7 7) U24
cache-control: no-cache, no-store
content-encoding: gzip
etag: "1da5fcaa65d0e2f"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 20 Nov 2024 10:27:45 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Thu, 15 Feb 2024 04:51:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 _Incapsula_Resource Show response
horoscope.thsamsungcampaign.com/ 84 KB
20 KB 264ms
241ms Script
application/javascript 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://horoscope.thsamsungcampaign.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=463992601
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.20.60 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 94a8ede854efab614f261ae5591f72ecf433e5d45ced42073010d3effeb353a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

x-robots-tag: noindex
cache-control: no-cache, no-store
content-encoding: gzip
content-length: 20497
content-type: application/javascript

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 42ms
16ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ztWbuUBE' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 10:27:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ztWbuUBE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Q0vKmGW3NAl6C0jGvZ6bVDx8t1+W1tENo68H+3jxQQUMImJAI/TSbYuZaKzG562XspfDHzU6QbqUSqSOE3iacw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 detail-footer.png
horoscope.thsamsungcampaign.com/asset/image/ 2 KB
2 KB 2113ms
425ms Image
image/png 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/asset/image/detail-footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

475652188ab1d7b0212d6b0415ac535816c720940337e3323f32a93f498cd948

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 3799) q(0 2 2 -1) r(3 3) U24
cache-control: no-cache, no-store
etag: "1da236caacf36bd"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2365
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 30 Nov 2023 09:07:39 GMT
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK 3070cbeb-9eb1-4c57-8965-f21812a735cd.png
thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/ 247 KB
0 1352ms
1351ms Image
application/octet-stream 20.150.28.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thcontentstorageacctprd.blob.core.windows.net/upload/th-horoscopecampaign-11611/3070cbeb-9eb1-4c57-8965-f21812a735cd.png
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.28.132 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 876175e1aebe3c7a0d0e18c32ef8fbc4552223a50a9117c8b44f40c0f8acde4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

Content-MD5: 7g4lWOzNABfXeL4OkJXNYQ==
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCF8C04ADC875C
x-ms-request-id: 756b0443-b01e-003d-5c36-3b82ba000000
Access-Control-Allow-Origin: *
Content-Length: 253161
Date: Wed, 20 Nov 2024 10:27:46 GMT
Content-Type: application/octet-stream
Last-Modified: Wed, 30 Oct 2024 08:53:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 bg-form.webp
horoscope.thsamsungcampaign.com/images/ 1 MB
1 MB 2025ms
2006ms Image
image/webp 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horoscope.thsamsungcampaign.com/images/bg-form.webp

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d7b9858452e227764dfc1c43eb3d30e0569d2d4815573572df9df479444db157

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/css/site.css

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 2354) q(0 17 17 -1) r(18 18) U24
cache-control: no-cache, no-store
etag: "1da236ca98a0a6e"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1317102
date: Wed, 20 Nov 2024 10:27:47 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 KittithadaRoman55F.woff2
horoscope.thsamsungcampaign.com/fonts/ 13 KB
14 KB 877ms
876ms Font
font/woff2 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/fonts/KittithadaRoman55F.woff2

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f926a9a9ea9c8c64443fb96773dda5af14bfdd7e654499bfb87cd8cd18a7729b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://horoscope.thsamsungcampaign.com
Referer: https://horoscope.thsamsungcampaign.com/css/site.css

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771546 PNNN RT(1732098463145 2380) q(0 4 4 -1) r(6 6) U24
cache-control: no-cache, no-store
etag: "1da236ca99e2754"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 13780
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 KittithadaMedium65.woff2
horoscope.thsamsungcampaign.com/fonts/ 16 KB
17 KB 877ms
876ms Font
font/woff2 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/fonts/KittithadaMedium65.woff2

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

717df2fbdd304e9a832606038c2ff2d593ac1e6bf712ce7492479719e5564d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://horoscope.thsamsungcampaign.com
Referer: https://horoscope.thsamsungcampaign.com/css/site.css

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771381 PNNN RT(1732098463145 2385) q(0 4 4 -1) r(6 6) U24
cache-control: no-cache, no-store
etag: "1da236ca99e53ec"
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 16748
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Thu, 30 Nov 2023 09:07:37 GMT
x-frame-options: SAMEORIGIN

GET
H3 200 987121171302811 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 255ms
255ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/987121171302811?v=2.9.177&r=stable&domain=horoscope.thsamsungcampaign.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

6d08fc9c426426300732a8911b2a43aa09f9ad7112d43175587a0576a825a27d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-MlykaGg0' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-MlykaGg0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=73, mss=1232, tbw=70975, tp=67, tpl=0, uplat=234, ullat=0
pragma: public
x-fb-debug: a20A4q355DxT4veZLHrKI4HgtaSN13xm/EfUrFa9hG7pdgsOG76fXFPd1rYCXU6vW4HBc1fSNIfxZcvn2a4xTg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 42ms
9ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeqvxIpAAAAADFptU4wMSI5ue6ZFZt8AsY45XIg

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://horoscope.thsamsungcampaign.com
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: gzip
age: 135729
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 20:45:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 20:45:36 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 93ms
25ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MXCGTXGPFQ&gtm=45je4bj0v9172238032za200&_p=1732098465722&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=789773059.1732098466&ecid=2019503604&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732098465&sct=1&seg=0&dl=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&dt=Horoscope%20Samsung&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2354
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MXCGTXGPFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://horoscope.thsamsungcampaign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
564 B 102ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MXCGTXGPFQ&cid=789773059.1732098466&gtm=45je4bj0v9172238032za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MXCGTXGPFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://horoscope.thsamsungcampaign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 125ms
61ms Image
image/gif 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MXCGTXGPFQ&cid=789773059.1732098466&gtm=45je4bj0v9172238032za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=723965688

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 29ms
8ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=987121171302811&ev=PageView&dl=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&rl=&if=false&ts=1732098466130&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732098466127.641895712422756939&ler=empty&cdl=API_unavailable&it=1732098465835&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4493, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 315ms
295ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=987121171302811&ev=PageView&dl=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&rl=&if=false&ts=1732098466130&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732098466127.641895712422756939&ler=empty&cdl=API_unavailable&it=1732098465835&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439306265090797968"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2ad21da50dc407b1","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["4986264008111621","3193667240733628","8501292313282952","1274754672535495","1888179371290007","1245341502143010"]},"debug_reporting":true,"debug_key":"4521647228916020711"}
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: cuRdLOXbl40yHLhXuhAFFYeGDFhpqjNBbaOuSsgclIeRfbB0EpOxmnkEnJ8TyusLOj//aicqs90ZP72S/yZiKA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439306265090797968", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4861, tp=13, tpl=0, uplat=281, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 event Show response
samsungthailand.demdex.net/ 561 B
922 B 159ms
50ms Script
application/javascript 46.137.25.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://samsungthailand.demdex.net/event?d_nsid=0&d_dpid=109350&d_dpuuid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&d_ld=_ts%3D1732098466663&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1732098466663&d_cid_ic=samsungid_gcrm%010x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%010&c_samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&c_sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&c_utm_source=SAPHybris&c_utm_medium=email&c_utm_campaign=201844&c_utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&c_utm_content=AR&c_cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c_hash=&c_host=horoscope.thsamsungcampaign.com&c_hostname=horoscope.thsamsungcampaign.com&c_pathname=&c_protocol=https%3A&c_pageName=th%3Acampaign%3Ahoroscope%3Ahoro&c_channel=th%3Acampaign&c_campaign=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c_prop1=th&c_eVar1=th&c_prop2=th%3Acampaign&c_eVar2=th%3Acampaign&c_prop3=th%3Acampaign%3Ahoroscope&c_eVar3=th%3Acampaign%3Ahoroscope&c_prop4=th%3Acampaign%3Ahoroscope%3Ahoro&c_eVar4=th%3Acampaign%3Ahoroscope%3Ahoro&c_hier1=th%3Ecampaign%3Ehoroscope%3Ehoro

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/js/s_code_microsite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.137.25.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-25-195.eu-west-1.compute.amazonaws.com

Software

Resource Hash

17e029bc92248d72f81ed39a2f1466dc0e26b999678b7cef82d35eb9ec6e7474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-029f0efce.edge-irl1.demdex.com 5 ms
content-encoding: gzip
pragma: no-cache
x-tid: hFXraE4PT38=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 392
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: application/javascript;charset=utf-8

GET
H2

200

s97652232700770
smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/
Redirect Chain

https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fid=54B257BD2BDF17E7-20DA259D7067FC58&ce=UTF-8&page...
https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&pccr=true&vidn=339EDCD1104A5936-400010AF0DDAE6F5&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fi...

43 B
249 B

34ms
33ms

Image
image/gif

63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&pccr=true&vidn=339EDCD1104A5936-400010AF0DDAE6F5&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fid=54B257BD2BDF17E7-20DA259D7067FC58&ce=UTF-8&pageName=th%3Acampaign%3Ahoroscope%3Ahoro&g=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHAN&cc=THB&ch=th%3Acampaign&v0=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c1=th&v1=th&c2=th%3Acampaign&v2=th%3Acampaign&c3=th%3Acampaign%3Ahoroscope&v3=th%3Acampaign%3Ahoroscope&c4=th%3Acampaign%3Ahoroscope%3Ahoro&v4=th%3Acampaign%3Ahoroscope%3Ahoro&h1=th%3Ecampaign%3Ehoroscope%3Ehoro&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=GMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&p=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B&AQE=1

Requested by

Protocol

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3719653133228572672-4618627293882833878
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 10:27:46 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Nov 2024 10:27:46 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
location: https://smetrics.samsung.com/b/ss/sssamsung4th,sssamsung4mstglobal/1/H.25.5/s97652232700770?AQB=1&pccr=true&vidn=339EDCD1104A5936-400010AF0DDAE6F5&ndh=1&t=20%2F10%2F2024%2011%3A27%3A46%203%20-60&fid=54B257BD2BDF17E7-20DA259D7067FC58&ce=UTF-8&pageName=th%3Acampaign%3Ahoroscope%3Ahoro&g=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHAN&cc=THB&ch=th%3Acampaign&v0=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&c1=th&v1=th&c2=th%3Acampaign&v2=th%3Acampaign&c3=th%3Acampaign%3Ahoroscope&v3=th%3Acampaign%3Ahoroscope&c4=th%3Acampaign%3Ahoroscope%3Ahoro&v4=th%3Acampaign%3Ahoroscope%3Ahoro&h1=th%3Ecampaign%3Ehoroscope%3Ehoro&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=GMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&p=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B&AQE=1
pragma: no-cache
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 10:27:46 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 0
date: Wed, 20 Nov 2024 10:27:46 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
vary: Origin
server: jag
last-modified: Thu, 21 Nov 2024 10:27:46 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 207ms
138ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C233SH54VE9F23K2P4I0&lib=ttq
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6cd3559da6f6e12b3052107c0d32853e437fcad464d60c70dee76c29ee2ec77a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-223-78.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires: Wed, 20 Nov 2024 10:27:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=8, inner; dur=4
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 9da64797.747ae5dd
x-tt-trace-host: 01492273d6ea0147d6e3204039a7beca619da1984350b1f5bbfc6954cf19e8719dbfc073b48d73d18ade35e77cdb64e10b9e4c480967c67bd62dbde04444f5647a50397b9d415f9145fb38d1f53fee792dd033a940a1e80b8e00734643ebb5ba3f7eb4d312bd4e448bcc7d64576fbbcd81
x-origin-response-time: 8,23.218.223.78
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241120102746F776480EC1F7178C03AD-39775F89484F1001-00
content-length: 2320
x-parent-response-time: 101,104.126.37.140
x-tt-logid: 20241120102746F776480EC1F7178C03AD
server: nginx

GET
H2 200 _Incapsula_Resource
horoscope.thsamsungcampaign.com/ 1 B
49 B 103ms
100ms Image
text/plain 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://horoscope.thsamsungcampaign.com/_Incapsula_Resource?SWKMTFSR=1&e=0.19474622883214066
Requested by: Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.20.60 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

x-robots-tag: noindex
cache-control: no-cache, no-store
content-length: 1
content-type: text/plain

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 276C 0
0 90ms
50ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqvxIpAAAAADFptU4wMSI5ue6ZFZt8AsY45XIg&co=aHR0cHM6Ly9ob3Jvc2NvcGUudGhzYW1zdW5nY2FtcGFpZ24uY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=z31p2zjlq3kv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4PiGw9QLyQvYqJ6GhzKSlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://horoscope.thsamsungcampaign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4PiGw9QLyQvYqJ6GhzKSlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 10:27:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.MWQ3ODVjY2ZhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
95 KB 39ms
39ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C233SH54VE9F23K2P4I0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-24111912264655E040CFBDE09117F2A2-4B8D55603FF6F63C-00
content-length: 96464
date: Wed, 20 Nov 2024 10:27:46 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111912264655E040CFBDE09117F2A2
server: nginx
x-akamai-request-id: 747ae764
x-tt-trace-host: 01fdab40132c57b5dfc5a217c27a63fce26707da4b2d92d87850d16da4310caa457438c189bb1c474539370c8bcfaaa26124ee2f2a3dda6253ff1a8d665a0ab4cc7e63e28ba2764db00fdbfc32069a22a47191d0af4c15c9804af2607b98bdbe438de2f4dcf47f317dfc51535f5e45cd34

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 23ms
23ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-241115050233F43D76A3E184AA166B24-35E8287D38D506DD-00
content-length: 39538
date: Wed, 20 Nov 2024 10:27:47 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050233F43D76A3E184AA166B24
server: nginx
x-akamai-request-id: 747ae8c7
x-tt-trace-host: 01b2772d08dc2e64270ae20f4a4b8b52972e74fe5ac0a55040d5855cc7438be15e5205275afa736a30cc95a0b251d97cd946cb6633d7ae51caa40c2f854d4db7c6407fed021642971a870d0ed10bf6c807d8abd7686ca19db81318a79f9a46c023

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
877 B 179ms
177ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

x-cache-remote: TCP_MISS from a104-78-78-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 20 Nov 2024 10:27:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=120, origin; dur=33, inner; dur=17
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 20 Nov 2024 10:27:47 GMT
x-akamai-request-id: 65d0a3ac.747ae908
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01492273d6ea0147d6e3204039a7beca61c5ee98234e2660899cd24bfcb2156655eb0bfd9497a78ca5f313bec8381be80d8a5729c13dcc02db824b0e9b364f780db31b6d2a210b9877cd58d6ddb167da94a28bdf65da0d9d4da330c28ba87044cdc187b86bf9d0b299911628519ceb2fcb
x-origin-response-time: 33,104.78.78.85
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241120102747241AB4BBFCC3798DC216-5EA69E1443A694B9-00
content-length: 0
x-parent-response-time: 141,104.126.37.140
x-tt-logid: 20241120102747241AB4BBFCC3798DC216
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
879 B 156ms
152ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

x-cache-remote: TCP_MISS from a104-78-78-69.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 20 Nov 2024 10:27:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=33, inner; dur=20
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 20 Nov 2024 10:27:47 GMT
x-akamai-request-id: 5f40dc91.747aec5f
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01492273d6ea0147d6e3204039a7beca61c5ee98234e2660899cd24bfcb215665524d163d40e8b3139dbe3af6649a7fb16c595cd652ec2608a343b22dfdffbc37137684f68308154d10b7b4e5df4cbe36781ff8805b5af246b59d6039de4e7b594d9830a49b2cdd0603c66929701c17e6f
x-origin-response-time: 33,104.78.78.69
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241120102747B7952CD3CF608A8C3736-1F43B5F864E0ADA3-00
content-length: 0
x-parent-response-time: 128,104.126.37.140
x-tt-logid: 20241120102747B7952CD3CF608A8C3736
server: nginx

GET
H2 200 dest5.html
samsungthailand.demdex.net/ Frame 99A9 0
0 116ms
46ms Document
text/html 54.154.143.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://samsungthailand.demdex.net/dest5.html?d_nsid=0

Requested by

Host: horoscope.thsamsungcampaign.com
URL: https://horoscope.thsamsungcampaign.com/js/s_code_microsite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.154.143.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-143-167.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://horoscope.thsamsungcampaign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 20 Nov 2024 10:27:49 GMT
dcs: dcs-prod-irl1-2-v069-05ad82054.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:48:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ch4+HrjFQak=

GET
H2 404 favicon.ico
horoscope.thsamsungcampaign.com/images/ 0
159 B 186ms
185ms Other
text/plain 45.223.20.60
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://horoscope.thsamsungcampaign.com/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.20.60 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/?samid=0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9&sap-outbound-id=E5A2C73E153752CEF32FD68B73B11B419AD5B452&utm_source=SAPHybris&utm_medium=email&utm_campaign=201844&utm_term=THMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483&utm_content=AR&cid=th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other

Response headers

strict-transport-security: max-age=2592000
x-iinfo: 12-164771373-164771542 PNNN RT(1732098463145 5783) q(0 0 0 -1) r(1 1) U24
cache-control: no-cache, no-store
pragma: no-cache, must-revalidate
x-cdn: Imperva
x-content-type-options: nosniff
content-length: 0
date: Wed, 20 Nov 2024 10:27:49 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 31ms
30ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MXCGTXGPFQ&gtm=45je4bj0v9172238032za200&_p=1732098465722&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=789773059.1732098466&ecid=2019503604&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732098465&sct=1&seg=0&dl=https%3A%2F%2Fhoroscope.thsamsungcampaign.com%2F%3Fsamid%3D0x9FB368A473D764F4795979490BAE5498ADF95609E82B592F9D57D460D94451E9%26sap-outbound-id%3DE5A2C73E153752CEF32FD68B73B11B419AD5B452%26utm_source%3DSAPHybris%26utm_medium%3Demail%26utm_campaign%3D201844%26utm_term%3DTHMP-----MOR-CHANGMOR-OTHER03ESLNALNNANA___1_mx_kv-kolmorchang_cta-edm483%26utm_content%3DAR%26cid%3Dth_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other&dt=Horoscope%20Samsung&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7366
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MXCGTXGPFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://horoscope.thsamsungcampaign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 10:27:50 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
878 B 137ms
132ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://horoscope.thsamsungcampaign.com/

Response headers

x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 20 Nov 2024 10:27:51 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=23, inner; dur=20
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 20 Nov 2024 10:27:51 GMT
x-akamai-request-id: 3be89592.747b14d6
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01492273d6ea0147d6e3204039a7beca619da1984350b1f5bbfc6954cf19e8719df40492e35bcc5120035a3089af59f8f98c4329ac4eff70be30d4919c7e42f3964f1d96234bd51c33bf3834472fa0ed4a96cb0403266ba6e9da7a45e2c2e23cc8e3b1fc5f5f8c372e9e0cfbc7ca673cf5
x-origin-response-time: 24,23.218.223.23
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24112010275187B2A5BD3C92007FB7FF-16A867ED194C762B-00
content-length: 0
x-parent-response-time: 110,104.126.37.140
x-tt-logid: 2024112010275187B2A5BD3C92007FB7FF
server: nginx

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
horoscope.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: .hora_front.Session Value: CfDJ8NS7GniITZBCnKzzVowKZO%2B5EchFm7%2B6yLn4LXsHs5jZzn2NZbS5zOgE3uO%2FGGmIK5%2Bg5RQFWL7EV4WJQDiD8CvoU%2F%2FXtZbDPTXCRBsIP91mnfz8bZcNcZo4wpJdrnpaVo%2B9hGjruNUTAjkKddI8C1DBOYx%2BxxzFDl8QItgFujhB
.horoscope.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: e42d68261b7ad0b3d017a6e9293662b884cdeb694462a884eb4f3c46bae0f771
.horoscope.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: e42d68261b7ad0b3d017a6e9293662b884cdeb694462a884eb4f3c46bae0f771
.thsamsungcampaign.com/	1970-01-21 09:53:12	Name: visid_incap_3054483 Value: +IxS2cwkSJSJjQtxWGcgGp+5PWcAAAAAQUIPAAAAAAB9wOU9dLxOYKpTMyhUAAuY
.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: nlbi_3054483 Value: t1gEb9inATFh/fv+aNDwGAAAAACkHrrtZlAnwNu7ixNzwLcL
.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: incap_ses_1288_3054483 Value: TsmgIe8FQBgiT4ZqROXfEZ+5PWcAAAAAGN53TL2qGQA589l86akceQ==
.thsamsungcampaign.com/	1970-01-21 10:44:18	Name: _ga Value: GA1.1.789773059.1732098466
.thsamsungcampaign.com/	1970-01-21 10:44:18	Name: _ga_MXCGTXGPFQ Value: GS1.1.1732098465.1.0.1732098465.60.0.2019503604
.thsamsungcampaign.com/	1970-01-21 03:17:54	Name: _fbp Value: fb.1.1732098466127.641895712422756939
.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thsamsungcampaign.com/	1970-01-21 10:44:18	Name: s_fid Value: 54B257BD2BDF17E7-20DA259D7067FC58
.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: s_campaign Value: th_ow_email_gcrm_mul-im_postl_thmp-----mor-changmor-other03eslnalnnana_image_morchangsustain-w3-201124_morchangunengaged-other
.thsamsungcampaign.com/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D
.demdex.net/	1970-01-21 05:27:30	Name: demdex Value: 78779260120339295912222314804504170566
.horoscope.thsamsungcampaign.com/	1970-01-21 01:51:30	Name: aam_uuid Value: 78779260120339295912222314804504170566
.tiktok.com/	1970-01-21 10:29:54	Name: _ttp Value: 2p6tgpz57w0RDJcTOzPId1IyRMi
.thsamsungcampaign.com/	1970-01-21 10:29:54	Name: _tt_enable_cookie Value: 1
.thsamsungcampaign.com/	1970-01-21 10:29:54	Name: _ttp Value: 2fmBBbN8o2O4ZyaUxOM6NsKI3xW.tt.1
.demdex.net/	1970-01-21 05:27:30	Name: dextp Value: 771-1-1732098469424\|3462-1-1732098469440
.doubleclick.net/	1970-01-21 10:29:54	Name: IDE Value: AHWqTUm4jfyHBfcyJ3bB8UqSJUM1H-DmcsKA7uXO-FyPxkXChvZMCM_ibmNGXdNqHpY
.dpm.demdex.net/	1970-01-21 05:27:30	Name: dpm Value: 78779260120339295912222314804504170566

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://horoscope.thsamsungcampaign.com/images/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdnjs.cloudflare.com
connect.facebook.net
horoscope.thsamsungcampaign.com
npmcdn.com
region1.analytics.google.com
samsungthailand.demdex.net
smetrics.samsung.com
stats.g.doubleclick.net
thcontentstorageacctprd.blob.core.windows.net
unpkg.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.126.37.185
104.17.25.14
142.250.186.68
157.240.251.35
157.240.251.9
20.150.28.132
2001:4860:4802:34::36
216.58.212.131
216.58.212.163
2606:4700:20::681a:acb
2606:4700::6811:f8cb
2a00:1450:4001:806::2008
2a00:1450:400c:c0c::9c
45.223.20.60
46.137.25.195
54.154.143.167
63.140.62.222
00e99c57e84d7250df61c548407ed1215f515c0f8bd666e2beb9f8243fb8fe6b
02776fd0ab12ad5515a684087b7212bd96f52f76ae88acb4bc1e23c0dfff0652
17e029bc92248d72f81ed39a2f1466dc0e26b999678b7cef82d35eb9ec6e7474
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
2062f8442701be5b66eb20cc513c3e83d83e4e019b9609b1b1d5efed5f309041
2492121fb989f86328553fcd698c99accdea04263a819acda4e0e6c733bd177e
253bf11ad6b40697cb55f54bfa0e645fa9be147a0b0ba40da2603e599e283725
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2cd1c2f440b615492ec7208d3ffdd1b9553558dbc273ec1ac926490e255243da
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
35baa778b9635cf3732c7e52693d553867bd86fb2fe171754da1c94cd46f27ee
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
3db3d104a5e03f37a0a923cb691c0c11d5df6b125933f915b829549c8c1c6e04
3eafcaf8e4f0e8a4891097c230e8bcbd4bef7e6f9c58f7629bf6934f53461a4f
41c7093e60737986d293afca47090d94593d0b646e586a910721599cb98e29b6
4278db219d9bbb40cf09c5ceaafedf84dbf3db9acc821b796134825dacffd2ad
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4502ae68ec36f868fd1dbb89507a248452ec353061181fe7dee91edb4b5533dc
475652188ab1d7b0212d6b0415ac535816c720940337e3323f32a93f498cd948
479334552f387a7bb4a5dc3ea99804bb080a74a735c5091d268eddabefe71c7d
47d01d856738d2fcdecfabbed52ff44769967a89e735313df23ede16eca5de24
4859c19a21539bcc4001510489c1bd0b830cdc4e6bccd96a15349145f096f0ad
4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f
5d841917b396190cde0e03eddd5dcea88a0cf5335bc8abbd5a9d29f27612ee5e
5f1f022911fe6550dc0b53f5e40b5c9dcfadb8dff477c89a2fba77eae8d5a167
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
608e5f39ad9f500c1bce60acfdbc5e77b27d51d477836e6ff144fa67f6c81983
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6cd3559da6f6e12b3052107c0d32853e437fcad464d60c70dee76c29ee2ec77a
6d08fc9c426426300732a8911b2a43aa09f9ad7112d43175587a0576a825a27d
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
717df2fbdd304e9a832606038c2ff2d593ac1e6bf712ce7492479719e5564d18
7199c1feb5e8c517eca9e038f30cf61b8674129fa3e7736c5619b66fb14d3c64
73fc8683b50c56071f5aa2abff76a21f63f6f6d0b5ed5cca92e26e9951ac709b
74e52975f68258b60c9f489d3f0600c111b049182a099a28f61e42b02b432c39
804894cc139c08adbd54e0fa8ea3080555a745457df87e9526832245b43fac27
859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7
85a909116a0fa19e898f1fe6295d39b0858cd16b74e5df309dc37bafa7056d08
870eeff23645feb144771d591dea53e03ef70054c72eefcff64132acd7ac4727
876175e1aebe3c7a0d0e18c32ef8fbc4552223a50a9117c8b44f40c0f8acde4a
878d325ae0dcb52ad3a77cc3d2b3547cbfae81574e6378757a2aeae93341679f
87c0ca46fc55ecdcde7d81a5081f1413ac27d22047d549de6abb77261c920431
8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f
8fa54e96c25d579b8781cb34d50ec8b02849e06cec10277507200ad08d6a0ff3
9044f044927545aa87881840112b42f349a3dec6a61333cd935c8c179c1837ee
90c6dff516c275d88db6862f3331601263731ca5a850b6add1fc64dcfa4a2ca4
94a8ede854efab614f261ae5591f72ecf433e5d45ced42073010d3effeb353a7
9a5e374a744ab7a2ea8c03831d99f7a27775f817f5c7e8e6d04290c74c49b409
9cae3bc34cdcf1bc9339e5208a18f8e6916680e0dc4da4b5fc4087a647e545f6
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a641d5e74a1a8fceb6211f7a8c740baffd5d167183afedde4939b7c3e181508b
a7d76bded6381578e69225cda26c75fda0e7500eaf682abda5623eafc6c036ba
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b002b0493bccdaf7ca15ed97a834c0ebe24ae3c3fc02aaad572730f5cc4b933e
b108fc5efdc966a4537021664d0e80e89f43536a88ac6b283ba36729de08d990
bb4b2423fc6cd59461e367faaf86d64eb37bc569f15fcc3151f10156fb08b34f
c01407b6025b4664b79f8757916918aacc838df697d78fbab3c68a957699e266
c13f35350d89f198305b39ae1fff077cd107bc85ab969146141184d6aefe578c
c29b18b11fa6b6cbb1a1026a99e2ca27b79b3df4e199dec6488baf05f4dafa63
d071757b10e663952861e4a398724237f737ceae7568a3cfb2dd154d86d175f1
d30b7cbd84a71056bf8488a3f42b9e8ad730fa1fcb980402efafb474cff21f17
d38676ab4664d1f7fbfec4396eecfb5dc2d456cf1bde0e57b383f7884ec48b80
d3e578a41ff09b569076ad1b0c8865088984fe768d7de7a5ed08077ad7f2c8e5
d720863a64b19a01fa5c3e7d1004bd89accfdaad5ccff7f3b2d146ef64428df5
d7b9858452e227764dfc1c43eb3d30e0569d2d4815573572df9df479444db157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3710e2f0e19019ec2281cd2bee32a8d03dfacbc2d15dab826a84371eac5be0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f37cad4429c2815e53699ca98abd4e8773737f696fff554c63a58f4d6589200b
f5ccdbe6b12143fb32ad8f4c9962d97aa01c9ddbf15230b9f291e03bd74b8f20
f926a9a9ea9c8c64443fb96773dda5af14bfdd7e654499bfb87cd8cd18a7729b
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

horoscope.thsamsungcampaign.com Open in urlscan Pro 45.223.20.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

94 %HTTPS

29 %IPv6

15 Domains

16 Subdomains

18 IPs

6 Countries

7282 kBTransfer

9738 kBSize

21 Cookies

2 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

horoscope.thsamsungcampaign.com Open in urlscan Pro
45.223.20.60 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

94 %
HTTPS

29 %
IPv6

15
Domains

16
Subdomains

18
IPs

6
Countries

7282 kB
Transfer

9738 kB
Size

21
Cookies

86 HTTP transactions
2 data transactions