www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sanook.com/
Submission: On December 17 via manual (December 17th 2023, 4:17:44 pm UTC) from TH — Scanned from DE

Summary HTTP 303 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 81 IPs in 10 countries across 53 domains to perform 303 HTTP transactions. The main IP is 203.151.128.172, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 104874.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	203.151.128.172 203.151.128.172	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
73	43.152.26.197 43.152.26.197	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
12	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
3	203.151.133.6 203.151.133.6	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::ac43:4809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2.19.244.232 2.19.244.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	203.151.130.72 203.151.130.72	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	23.215.19.214 23.215.19.214	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
3	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.245.57.78 77.245.57.78	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.66.248.90 18.66.248.90	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:243... 2600:9000:243d:cc00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.251.84.60 34.251.84.60	16509 (AMAZON-02) (AMAZON-02)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
6	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	61.91.93.45 61.91.93.45	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
1	108.157.4.57 108.157.4.57	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.195.52 151.101.195.52	54113 (FASTLY) (FASTLY)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.220.142.223 54.220.142.223	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
5	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:231... 2600:9000:2315:d800:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2404:6800:400... 2404:6800:4003:c1c::78	15169 (GOOGLE) (GOOGLE)
303	81

5 203.151.128.172 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 172.128.151.203.sta.inet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 43.152.26.197 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.151.133.6 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4809 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.130.72 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 72.130.151.203.sta.inet.co.th

sloth-api.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.215.19.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-19-214.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.15 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

tencentth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

rtb-eu.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:cc00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.84.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-84-60.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.93.45 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th

dc.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-57.dus51.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.195.52 (United States)

ASN54113 (FASTLY, US)

rtbpass.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:d800:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1c::78 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	isanook.com s.isanook.com — Cisco Umbrella Rank: 97809 p3.isanook.com — Cisco Umbrella Rank: 122128 sal.isanook.com — Cisco Umbrella Rank: 116013	1 MB
27	googlesyndication.com f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com	253 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	755 KB
22	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404	74 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	323 KB
16	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544 ut.pubmatic.com — Cisco Umbrella Rank: 7777 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image6.pubmatic.com — Cisco Umbrella Rank: 793 t.pubmatic.com — Cisco Umbrella Rank: 3146	260 KB
14	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776 ads.eu.criteo.com — Cisco Umbrella Rank: 9522 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971	61 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
7	sanook.com www.sanook.com — Cisco Umbrella Rank: 104874 graph.sanook.com — Cisco Umbrella Rank: 204373 sloth-api.sanook.com — Cisco Umbrella Rank: 169224 dc.sanook.com — Cisco Umbrella Rank: 118481	44 KB
6	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614	78 KB
6	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	68 KB
5	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850 id.crwdcntrl.net — Cisco Umbrella Rank: 2417	25 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	20 KB
5	openx.net 1 redirects tencentth-d.openx.net — Cisco Umbrella Rank: 147375 oajs.openx.net — Cisco Umbrella Rank: 1639 u.openx.net — Cisco Umbrella Rank: 672 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	1012 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	287 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	796 B
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	15 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 beacon.taboola.com — Cisco Umbrella Rank: 15997	7 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869	4 KB
3	innity.com avd.innity.com — Cisco Umbrella Rank: 35648	2 KB
3	innity.net avd.innity.net — Cisco Umbrella Rank: 47448	13 KB
3	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 50150 t.ocmhood.com — Cisco Umbrella Rank: 11511	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	261 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	547 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	569 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1640	2 KB
2	andbeyond.media rtb-eu.andbeyond.media — Cisco Umbrella Rank: 146566 rtbpass.andbeyond.media — Cisco Umbrella Rank: 58952	187 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1466	760 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 92995	9 KB
1	gstatic.com csi.gstatic.com	225 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	463 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	16 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 22565	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	60 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 24966	4 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 26379	397 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 3764	443 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	759 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274	269 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901	514 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 52663	688 B
0	rlcdn.com Failed api.rlcdn.com Failed
303	53

	Domain	Requested by
69	s.isanook.com	www.sanook.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.sanook.com f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com www.sanook.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.sanook.com
12	static.criteo.net	www.sanook.com securepubads.g.doubleclick.net ads.eu.criteo.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com www.sanook.com tpc.googlesyndication.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	www.google.com	1 redirects www.sanook.com securepubads.g.doubleclick.net tpc.googlesyndication.com f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	bidder.criteo.com	static.criteo.net
5	t.pubmatic.com	ads.pubmatic.com
5	hbopenbid.pubmatic.com	ads.pubmatic.com
5	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
5	www.google.de	www.sanook.com
4	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com
4	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com
4	gum.criteo.com	1 redirects static.criteo.net ads.pubmatic.com
4	graph.sanook.com	s.isanook.com
4	ads.pubmatic.com	s.isanook.com ads.pubmatic.com
4	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
3	c.amazon-adsystem.com	www.sanook.com c.amazon-adsystem.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	avd.innity.com	avd.innity.net www.sanook.com
3	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	sal.isanook.com	www.sanook.com
3	www.googletagmanager.com	www.sanook.com www.googletagmanager.com www.google-analytics.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	lb.eu-1-id5-sync.com	ads.pubmatic.com cdn.id5-sync.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com ads.pubmatic.com
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	oajs.openx.net	1 redirects www.sanook.com
2	f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.id5-sync.com	securepubads.g.doubleclick.net www.sanook.com
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net www.sanook.com
2	a.teads.tv	ads.pubmatic.com
2	sb.scorecardresearch.com	p3.isanook.com www.sanook.com
2	t.ocmhood.com	sdk.ocmhood.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	beacon.taboola.com	www.sanook.com
2	connect.facebook.net	www.sanook.com connect.facebook.net
2	lvs2.truehits.in.th	www.sanook.com
2	cdn.taboola.com	www.sanook.com cdn.taboola.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.sanook.com
1	a.ad.gt	cdn.hadronid.net
1	wrappers.geoedge.be	rtbpass.andbeyond.media
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	m.exactag.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	rtb.nl3.eu.criteo.com	f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
1	rtbpass.andbeyond.media	www.sanook.com
1	cdn.hadronid.net	www.sanook.com
1	secure.cdn.fastclick.net	www.sanook.com
1	ads.eu.criteo.com	f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	dc.sanook.com	www.sanook.com
1	p.adlooxtracking.com	www.sanook.com
1	rtbdemand.apiip.net	www.sanook.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	cm.ctnsnet.com	1 redirects
1	p.rfihub.com	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	ads.pubmatic.com
1	js-sec.indexww.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	rtb-eu.andbeyond.media	ads.pubmatic.com
1	htlb.casalemedia.com	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	tencentth-d.openx.net	ads.pubmatic.com
1	mug.criteo.com	www.sanook.com
1	ut.pubmatic.com	ads.pubmatic.com
1	sloth-api.sanook.com	s.isanook.com
1	www.facebook.com	www.sanook.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	cdn.taboola.com
1	www.sanook.com
0	api.rlcdn.com Failed	ads.pubmatic.com
303	95

This site contains links to these domains. Also see Links.

Domain
truehits.net
news.sanook.com
www.joox.com
wetv.vip
www.wecomics.in.th
www.facebook.com
sso.member.sanook.com
muan.sanook.com
www.sanook77.co
comics.sanook.com
tv.sanook.com
guru.sanook.com
www.tencent.co.th
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
line.me
sport.sanook.com

Subject Issuer	Validity	Valid
*.sanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.isanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-12` - `2024-10-23`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-12-24`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
andbeyond.media Certainly Intermediate R1	`2023-12-10` - `2024-01-09`	a month	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.sanook.com/
Frame ID: 5C755F7072D1F729004BBD657477B458
Requests: 208 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 7634738418A3CB570FEC72B90BFB45A4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 536FE69F28BFD4DB9E382FD2B4C003B0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 0F397B11A22E23D34D13345E950A03B4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 2055D200F9ABCFD9F7BCE80322FECE37
Requests: 1 HTTP requests in this frame

Frame: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8666190BA04782E7AB423E1573EA6D4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuacCEGTeCOnsWWZYFH2bX9yGXF0E8B5gxzDXDiwz30_CKvrrbSpFuQROmDbQ-Hm5n9CEFjy4wLohb94GvXnt25kceSoI-EDcOk1Bp2aX5PHQs_51iQhPgKCiMrkTcY7gW_FWk5On5McQyIIgz6U0E8Kiq-xtvTrvkH_CwrmKq54zrxG52bt7D3abTVoMxt34J1Bia2NqTt1EiSfx1z28w5RMHkkQoj4lnOrHozirh6a9GzTorWTX39EgnyvtZNAR2rLZ5Dub5KOzuttleRtMr643Zo-_4rKWuN87HVPyUMOM6vCjYCaVmrFvH54t03Je-aE2AVCobb5ISRO8YD82LPJLIzWNKRXYiaizcSaXlxDg3dNSj0bMMbwiM&sai=AMfl-YSvqqUWxCyaRaVLhZBieNqGM_2kC8TqfFVXAHmV8oJyOi9Z8EswzLSW5ZlgThwwuBfBrlT-GrupnvYJvNBfQ3XoFtU5Y2NRzo5Ql7CmYguukBtsmEpgeTL7uVg6fW8Gs6uSwMY7YECT4m4CdsEF&sig=Cg0ArKJSzGFCleDliuVMEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EE0ADB84D2BF8D43C85D3F6E49D84C24
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWXXFU8AX1y4IaiPvBmW-X3UBzIshnOWozubIz8n9fRpTLCyTCXzqcGP3dAUOogAL6v70Kd3ms5dTg7tCItEJRNKmk1AQU3fUal1HDB_1JJ5fVSRrmSVDTOx73C1cSm1PJhEIN3eRQCCBhFr-c1M-_6DJvcAsmxAze5TaMBHcVS1FjkMXLDoomguruPHAb8WkGaclQS6RfmGAh7JNxgoVywx3uhY0T9ZtbLMTNDAYmTN3V50DcjTZI1frD21ZbJegpgRqVPQh0XGj7oMZCmgsCg4KBZZGLdB-lOTGsWLfeuFWhJ-OZis-HE82Gvyg_Hjihons0q7_JubiWnZecPdwfkDfF0pHIB7jHnektXfRqgf1EmiGM0w3nhQxi&sai=AMfl-YRv8v0A9yO9PAZI6-AmrsMSGYK8h64UlMtlHP-7R1_5WJmTfaoxNjA3SW23xiGrfOxeiOQp0EWkOiLHCJBwOoflTi9pmrig9e6TTdiDKQu2Jd3BbJ5gciEx6U1ouK_YJxSch6z2aFMSwoDl-Q8XH_c&sig=Cg0ArKJSzArdTihJUypTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E1E073E4CBBDD11174EA8475FA5A58AC
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 79D4966BC366E30C32F9CC871A3E3107
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1B11438F16D27C04FFF5E1A071AE4635
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 12C11BE5EC8C2EC991BADF4D643F69F8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BB959D5337296290428211019B217169
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 840EE52A882DFB023ACBB78E969E4A89
Requests: 10 HTTP requests in this frame

Frame: https://4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BC553DE76686B90455B722C02E79231A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 786FC8F4DE269B736D55BDD861DD4006
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN8ZTas53mMoepYyJX1wTWgVFcJBfi83LJXeDX5kRpNzqB6qhV0psF5Oy-OdK_oPHijP6HT111O6VpVsXiiWarvxQ6d-C0QjQuCCPfaIpNAQ3ZSJf2S7dxcFZwTbkFV7UpDsxujmjPpOwZZuyZ-mUg7v_lV-att-o0erDjMYYaajovGNwvynYbUM-x-Pa46l3BTMQDlpmW9P2VlbkBOx2UFTq7DurjJo8WIuMZEVegSIDaIrhox1dTB3YIrvSlccCX3SbY39fPYIK9odBwIZs0gF2hBJ7gk4OUlc7eh5hy1icun04tGbPiVrK95CzYVENRmoJ65GTZzWi5d8zA-ufx3aA3rQdf&sai=AMfl-YQI1pGxB79JN6Mr3_pUsYymTFp9QNivJxBZFtMGHUdm59X-BHlXKIvlJXDJd_6xRl20UCOwCEETg8nLVFvD_9bOilm9USYOKjdbp3kVaNoEAMwHzgBUT0TLjovFDLg&sig=Cg0ArKJSzK8fz2hRPMhXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E6BE0BEC9601A3B1CC7F2C50B00841DF
Requests: 4 HTTP requests in this frame

Frame: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E22FC4ED03F106002FA5DF04DE15B013
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A87018D8B2DFEF1DB8C58397B7BC2C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA306530BA913A90AB9D527D41749E2B
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8fHwAKLN4K4DSBAAH7eiqlmVHdpv92zr7wNQ&u=%7CAOMSsgxnrhoxe%2Fdo%2B2Www1FdEj0iDE4xfuNcNHlIC7M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_RLVULd6ykJCxappyJEwNkY-6BQ_MCHfczAvT9ijL5vzKE5EhzHqCnrjjRoGjrOh7qGDEaHNmgecqMMmK8QS1yui-N6hgwUwf6cfqHnWpt4FglC4L-6d7eBcKWR7LaL4ZfKvw5qjmPP3KZs1O2FQkFO7H0i9U9dxPWZgSsZUierq5Q31p0NPhliGjPUBkNvmVH99Am-QJagTSTMD7BCf0GWq5OCvEvroaADr2Ed4uXGn0-x4s0gysmtlg2zEESR7_EaXCm9ggML7pkdDJ6N1e4HxTAFb9tx1T6RuPOkLqe-k-seMvDOe5rKBbdAqQRKyF_Jy1xs6bydHdFZKBWnGAouw62g1ungmGgXm0osMUoMk3ycDC8Jigh3Pqs-mURvVG0eRRE1_04Bm3QBg404GCvlGwmA1eWHY2d43tNLgIQS1znQv-SVjY29nq8n7qC-XP1CF6My3Ls2UaF1Jt2UjON16i__Xj8suTeQqMx0m5e5vAdb2bPY-f4ZZwX5PgQUZD1wtquIjR0vVU69NZi930vQqMNhtok6GQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-OcHx9_Zd7ZKIHpgAf69oeYBsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEtwJP0GdPek5U78qzkTrZIsrTxUE6amtoum9lgkM-WwWLzxCFB3gjK-Ll10tk81dj6GKkK5I-_dD-ZmJy4fXE5C48zS6pgmsXZnnADhv0WQFAKx4bIWuRWXuSP7GpgTrN__H9iCL6c2TH0_VORQh7zIZ2TeDgJwbV8d7BVcGOD5gjiD8qUmZSJ9xTz3lvhf1maPQUzrxkt4snqJgWClcteg-dmcd-rEUR1vbLXnq55qFGP1Cvjs-aOMhahIVWhV1QpSU_0gcsarYNM0QQinOm91KexN9T7MDBNRN0A2hA6o6fJQYlD_JyvRyGdJORpKbKyDKsaVvscUie_-gEKVBs3fQEAQbStg24YK7o_2YEcO97vur6YWjMvNJvrV8T6MrUrOhT1PuAODt4fcCjzyND5d9ZtRJqKSipmeAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOli0gKLF75aDA_oLAggBgAwB4g0TCPayosXvloMDFYE04AodevsBY9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0p-Jp9okoTNmvk3zpVuuplZo31Gg%26client%3Dca-pub-6167238712729032%26adurl%3D
Frame ID: C20874BC1AB83C70F8C9150A25F77593
Requests: 22 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: 6374DA21F34401C7E80E34405D7A200D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 62BF6C8E55A28360CDA14FD2907D821F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 822920112641931ECE1BC089345A1C1E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

303
Requests

96 %
HTTPS

42 %
IPv6

53
Domains

95
Subdomains

81
IPs

10
Countries

3998 kB
Transfer

12019 kB
Size

55
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลง

Search URL Search Domain Scan URL

URL: https://wetv.vip/th?language=th
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://www.wecomics.in.th/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PUBGMOBILE.TH.OFFICIAL
Title: เล่นเกมส์

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000046-000049-000001&autologin=1&option=&surl=https://www.sanook.com/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000046-000049-000001&surl=https://www.sanook.com/&autologin=1&eventID=&option=&mail=
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/
Title: หวยไทย

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/lotto-stats/
Title: สถิติหวยไทย

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://line.me/ti/p/@sanook.com

Search URL Search Domain Scan URL

URL: https://sport.sanook.com/football/table/premierleague/
Title: ตารางคะแนนพรีเมียร์ลีก

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/
Title: เกี่ยวกับเรา

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1128908288.1702829853&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=HR9_ZdmJPKqQiM0PscyV6AE&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzqbJPfFPCkcBexyu6FtgmxR0ITYuXVI46g&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VjVHNnUVJpYzNBMl9ITnZrQklTZ2ZRc3NEemMxamEzN2ZVS2JlUzdwanlMaWcaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tc3JBblllRGZrQVJoOWl0ZGZ3MlpxTTBaQk83azh3YnFPZzdTU0RNUHBidGFLMXY4Qnc3SWJtQSITCJmMvcTvloMDFSoIogMdMWYFHQ HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1128908288.1702829853&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VjVHNnUVJpYzNBMl9ITnZrQklTZ2ZRc3NEemMxamEzN2ZVS2JlUzdwanlMaWcaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tc3JBblllRGZrQVJoOWl0ZGZ3MlpxTTBaQk83azh3YnFPZzdTU0RNUHBidGFLMXY4Qnc3SWJtQSITCJmMvcTvloMDFSoIogMdMWYFHQ&is_vtc=1&ocp_id=HR9_ZdmJPKqQiM0PscyV6AE&cid=CAQSKQAvHhf_27I2zuKJfBavVZpOOrMYbX1fahBG-ARmvyNMpngUy08Cn4ec&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzi_jm7jTqNCGh5CThcFp44Oks25LxW_c0w&random=3284570421 HTTP 302
https://www.google.de/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1128908288.1702829853&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VjVHNnUVJpYzNBMl9ITnZrQklTZ2ZRc3NEemMxamEzN2ZVS2JlUzdwanlMaWcaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tc3JBblllRGZrQVJoOWl0ZGZ3MlpxTTBaQk83azh3YnFPZzdTU0RNUHBidGFLMXY4Qnc3SWJtQSITCJmMvcTvloMDFSoIogMdMWYFHQ&is_vtc=1&ocp_id=HR9_ZdmJPKqQiM0PscyV6AE&cid=CAQSKQAvHhf_27I2zuKJfBavVZpOOrMYbX1fahBG-ARmvyNMpngUy08Cn4ec&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzi_jm7jTqNCGh5CThcFp44Oks25LxW_c0w&random=3284570421&ipr=y

Request Chain 106

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=iZK39XxBWXN1WE5adnR1NkkvYjN0VzE5ZDdYdyt4NlJsWTkxc2tNK2M4Y25TKy8wcUlkTzY3MXoxZkZvYW1oaUg1YkRqc1BZajVGeDg3NjFIMk1CdzJsV1dob3AvSTFiK2czSU83bmtZakJ5dnJuOEpoQmQyOExUaC95V3dzdXFKK0hlOWJRbmNUTkIyZ29uZkJpTGYvL1liN0RBZm9VTDM4Mk5meE1PMzB2MlcwRW1MaXd3cmZ1T1N5MTlGY1JoSmJ6VzJ2NTE2KzVyTExrR2ZCR3NZTG9PZDdIVFpmWU1HQ3haV05BMU82RFZwZFdQS1lDaHMrdW9vUzdiajcyWE1pU1BRZ1RlSmxZMGxHMFh5OGdwVERBWENRQT09fA&cppv=2

Request Chain 164

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1

Request Chain 175

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 177

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX8fH.fbsVhOf3aYSGRgMgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFvWJX6vbzk9vqMHs2_Itag&google_cver=1&google_hm=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfh9zWqosTouxioyN9zRK0&google_cver=1

Request Chain 186

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 187

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZX8fH.fbsVhOf3aYSGRgMgAA%263257 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=588cc097-199c-4952-ae53-21289a95ce49

Request Chain 188

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3693379d-a04e-4360-adb7-96138a7fdcae

Request Chain 189

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928925621731

Request Chain 190

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bd7f22a130c14b18b7d2a891650def15&expiration=1705421856

303 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.sanook.com/ 282 KB
38 KB 1504ms
237ms Document
text/html 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

a65fab2186a8f05b05c54e7b92d3858a4e372a909c6a9cb397415b0687181bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 17 Dec 2023 16:17:32 GMT
Proxy-Cache-Status: STALE
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H2 200 taboola-push-sdk.js Show response
cdn.taboola.com/webpush/publishers/1011713/ 15 KB
6 KB 128ms
41ms Script
application/octet-stream 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: OfFW3qSCFTk8stQse__31i5akmTWt65R
content-encoding: gzip
via: 1.1 varnish
date: Sun, 17 Dec 2023 16:17:33 GMT
x-amz-request-id: ZMG3RW8S6FTNEXDA
age: 1596
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5678
x-amz-id-2: lYikduKiHWPqw5wyPpLzfseipavbrInZd5hcEZ+b8CIaIVZU2u/y7NSNOhVHrG6EeCuZDh8ZtL0=
x-served-by: cache-fra-etou8220056-FRA
last-modified: Thu, 26 Oct 2023 09:07:03 GMT
server: AmazonS3
x-timer: S1702829853.088839,VS0,VE2
etag: "e2595c8172706b041a90c945e3638320"
vary: Accept-Encoding
content-type: application/octet-stream
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
738 B 855ms
85ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:47:18 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 1087
server: Lego Server
age: 0
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4905577421273847054
accept-ranges: bytes
content-length: 550
expires: Fri, 15 Dec 2023 19:47:18 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 131 KB
42 KB 169ms
84ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 16:17:33 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 375 B
464 B 1227ms
40ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 03:21:21 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 430522
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2698950623813174534
accept-ranges: bytes
content-length: 266
expires: Sun, 24 Dec 2023 03:21:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 291 KB
93 KB 156ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e957118565b32ebfa32d41eea0ba8511d78e1a70bea62b13697bd9ca3c7ee589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94841
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Dec 2023 16:17:33 GMT

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 898ms
226ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: eb9259aebd19a094d3d7073bf6a137120374376a5a94dece19bb09d8d7062425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
last-modified: Thu, 14 Dec 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Sun, 24 Dec 2023 16:17:33 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ 23 KB
10 KB 3582ms
244ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 16 Jan 2024 16:17:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 122ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Dec 2023 16:17:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8ZW15/UDOI+gmlRKAtzp07CQSs8eDVoxPPMN/bbhSVBNy2qPHQtPxD+Q9vkSfQEz5LE4VaUAqmzFJbG1gaqcAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ht.js Show response
sdk.ocmhood.com/sdk/ 30 KB
12 KB 143ms
53ms Script
application/javascript 2606:4700:20::ac43:4809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2639
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Thu, 07 Dec 2023 11:01:57 GMT
server: cloudflare
etag: W/"6571a625-2ef3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg200LBvMznuBjrSg1HRU2mAyfwC8urlrYRvdEzd%2FRazcSDibBstvtK9tDdcN4xkL3oaVDfQgNnwMG%2Fn4gQ%2FvIy%2BZ6gnBmVnZRM4bMT2SZ1mZncBnrjcUKq8DjOUv7KcpqQxFDmO5FwftuGEew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83707a173f3235f7-FRA

GET
H2 200 0edade65c094e5997049.css
s.isanook.com/sr/0/_next/static/css/ 43 KB
9 KB 592ms
42ms Stylesheet
text/css 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/0edade65c094e5997049.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:56:45 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 44218
server: Lego Server
age: 13
etag: W/"657283d1-acba"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 7159362446749038636
accept-ranges: bytes
content-length: 9110
expires: Sun, 07 Jan 2024 02:56:13 GMT

GET
H2 200 webpack-0b7658e9eff09abe37ad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
5 KB 629ms
84ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-0b7658e9eff09abe37ad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1181419d24f84fff2333f63d9728ca0a783e7cedee634f89aa01ce83bd323599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:28:30 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9638
server: Lego Server
age: 128
etag: W/"657bc516-25a6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 11957998908682418692
accept-ranges: bytes
content-length: 4806
expires: Sun, 14 Jan 2024 03:26:14 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 147 KB
45 KB 629ms
85ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:17:47 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 150360
server: Lego Server
age: 0
etag: W/"6565dcad-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 10708142827434443065
accept-ranges: bytes
content-length: 45781
expires: Fri, 29 Dec 2023 02:17:47 GMT

GET
H2 200 main-6fc29b940dae36eaf931.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 75 KB
24 KB 503ms
85ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:30:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 24 Nov 2023 04:03:16 GMT
server: Lego Server
age: 0
etag: W/"65602084-12ae6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 713841682331362143
accept-ranges: bytes
content-length: 23882
expires: Sun, 24 Dec 2023 06:30:22 GMT

GET
H2 200 _app-eb1165ea7721a933cb0e.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ 796 KB
189 KB 485ms
85ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-eb1165ea7721a933cb0e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8c368c950dff147b7cce089e3deefcf48b378f2fdad58190092bb96a2761f28a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:28:30 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 814800
server: Lego Server
age: 128
etag: W/"657bc519-c6ed0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1940075884159611016
accept-ranges: bytes
content-length: 193454
expires: Sun, 14 Jan 2024 03:26:14 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
3 KB 89ms
85ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:26:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11966
server: Lego Server
age: 3311
etag: W/"65544f53-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16028564314285820647
accept-ranges: bytes
content-length: 2738
expires: Sat, 16 Dec 2023 03:26:04 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 132ms
128ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:34:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 13794
server: Lego Server
age: 0
etag: W/"65544f52-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16869894730604313781
accept-ranges: bytes
content-length: 4715
expires: Fri, 15 Dec 2023 19:34:52 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
16 KB 89ms
86ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:27:48 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 50816
server: Lego Server
age: 42575
etag: W/"656405c9-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 7331219549565403711
accept-ranges: bytes
content-length: 16570
expires: Wed, 27 Dec 2023 04:27:48 GMT

GET
H2 200 3253-53ff7ff6e0b6ee493cc0.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 24 KB
7 KB 132ms
128ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-53ff7ff6e0b6ee493cc0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:15:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 24873
server: Lego Server
age: 0
etag: W/"656405c8-6129"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15212983232890269849
accept-ranges: bytes
content-length: 7144
expires: Thu, 28 Dec 2023 01:15:33 GMT

GET
H2 200 6261-0b9100df4de35e339621.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
7 KB 89ms
86ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6261-0b9100df4de35e339621.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:08:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 29406
server: Lego Server
age: 562116
etag: W/"6556d42e-72de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1910427382956258589
accept-ranges: bytes
content-length: 6698
expires: Sun, 17 Dec 2023 02:51:34 GMT

GET
H2 200 2144-fc95701658e9dbc62ba5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
4 KB 89ms
86ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2144-fc95701658e9dbc62ba5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:45:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9691
server: Lego Server
age: 2165
etag: W/"6572d774-25db"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16347890154593301873
accept-ranges: bytes
content-length: 3394
expires: Tue, 09 Jan 2024 03:45:39 GMT

GET
H2 200 1216-75cdf64a6bee3b4a0f08.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 90ms
86ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:40:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 6871
server: Lego Server
age: 0
etag: W/"65446ebe-1ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5320228053415110017
accept-ranges: bytes
content-length: 2537
expires: Wed, 06 Dec 2023 03:40:02 GMT

GET
H2 200 617-ce3dea63b3c20710b129.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
5 KB 269ms
266ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/617-ce3dea63b3c20710b129.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:09:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16030
server: Lego Server
age: 0
etag: W/"65544f54-3e9e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4281205066694121687
accept-ranges: bytes
content-length: 4551
expires: Sat, 16 Dec 2023 03:09:32 GMT

GET
H2 200 3051-bf42533dcd722fe36384.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 82 KB
26 KB 132ms
129ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:25:48 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 24 Nov 2023 04:03:17 GMT
server: Lego Server
age: 0
etag: W/"65602085-1496c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15632532579787149521
accept-ranges: bytes
content-length: 26664
expires: Mon, 25 Dec 2023 08:25:48 GMT

GET
H2 200 5616-5f8425f3631c502b5b56.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 132ms
129ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:29:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9072
server: Lego Server
age: 239022
etag: W/"6572d775-2370"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 14712548150585484919
accept-ranges: bytes
content-length: 3074
expires: Mon, 08 Jan 2024 12:29:36 GMT

GET
H2 200 6066-d50250a536141f89d39a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 37 KB
10 KB 90ms
87ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 03:10:10 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"6557286a-95e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14322064243510482054
accept-ranges: bytes
content-length: 9981
expires: Wed, 20 Dec 2023 03:10:10 GMT

GET
H2 200 5949-ac9935b6efbd2da19187.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 5 KB
2 KB 90ms
87ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5949-ac9935b6efbd2da19187.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 03:00:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 4674
server: Lego Server
age: 41784
etag: W/"651e244e-1242"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15066424299300355633
accept-ranges: bytes
content-length: 2126
expires: Sun, 31 Dec 2023 13:58:55 GMT

GET
H2 200 6876-8ff5ec0b004769cf30cd.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 11 KB
4 KB 138ms
135ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6876-8ff5ec0b004769cf30cd.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:36:30 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11452
server: Lego Server
age: 0
etag: W/"656405ca-2cbc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17688191939112745966
accept-ranges: bytes
content-length: 3894
expires: Wed, 27 Dec 2023 09:36:30 GMT

GET
H2 200 9826-a6b080a9d148f6d33282.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
8 KB 90ms
87ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9826-a6b080a9d148f6d33282.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:20:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 51343
server: Lego Server
age: 0
etag: W/"656d3d79-c88f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16306314733379528428
accept-ranges: bytes
content-length: 7614
expires: Wed, 03 Jan 2024 03:20:51 GMT

GET
H2 200 5503-b2397f73d06c2a9e1092.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 37 KB
7 KB 139ms
136ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5503-b2397f73d06c2a9e1092.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:20:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 37463
server: Lego Server
age: 0
etag: W/"656d3d7e-9257"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4951579369568368905
accept-ranges: bytes
content-length: 7289
expires: Wed, 03 Jan 2024 03:20:52 GMT

GET
H2 200 1190-fdad6300c0a7a066b80d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 210 KB
44 KB 139ms
136ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1190-fdad6300c0a7a066b80d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 87bd6985d4c80ddfc0324e0f993596047d9ec47a247574fcdc915c199f032536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:58:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 215033
server: Lego Server
age: 0
etag: "657bc8a6-347f9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8852145327009717827
accept-ranges: bytes
content-length: 44694
expires: Sun, 14 Jan 2024 03:58:40 GMT

GET
H2 200 3316-1075f88424a7f97fd556.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
4 KB 139ms
136ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-1075f88424a7f97fd556.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:20:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 18017
server: Lego Server
age: 6
etag: W/"656d3d76-4661"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6418657781216338952
accept-ranges: bytes
content-length: 4335
expires: Wed, 03 Jan 2024 03:20:51 GMT

GET
H2 200 5269-b7e44080fa2ad5a29a4f.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 248 KB
19 KB 139ms
136ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5269-b7e44080fa2ad5a29a4f.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:56:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 253795
server: Lego Server
age: 8
etag: W/"657283d0-3df63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 11645152214027774572
accept-ranges: bytes
content-length: 18893
expires: Sun, 07 Jan 2024 02:56:12 GMT

GET
H2 200 4374-91615dc559f3faf9c086.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 17 KB
4 KB 139ms
136ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/4374-91615dc559f3faf9c086.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:20:51 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 17102
server: Lego Server
age: 12
etag: W/"656d3d79-42ce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3461511360561271354
accept-ranges: bytes
content-length: 3785
expires: Wed, 03 Jan 2024 03:20:51 GMT

GET
H2 200 7634-04c472fae60f45a849a0.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 139ms
137ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7634-04c472fae60f45a849a0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:56:16 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 14298
server: Lego Server
age: 24
etag: W/"657283cf-37da"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1123785284625330346
accept-ranges: bytes
content-length: 2627
expires: Sun, 07 Jan 2024 02:56:16 GMT

GET
H2 200 9063-94a08e25bf4dc2bdaf80.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 140ms
137ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9063-94a08e25bf4dc2bdaf80.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:56:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11925
server: Lego Server
age: 6696
etag: W/"657283d0-2e95"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 7565660403616329879
accept-ranges: bytes
content-length: 3791
expires: Sun, 07 Jan 2024 02:56:12 GMT

GET
H2 200 2511-f871ee9e29fdbfa53ccc.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
3 KB 140ms
137ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2511-f871ee9e29fdbfa53ccc.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 03:00:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16119
server: Lego Server
age: 144
etag: W/"657283d0-3ef7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5886872719752033081
accept-ranges: bytes
content-length: 3109
expires: Sun, 07 Jan 2024 02:57:02 GMT

GET
H2 200 7605-85e9d31bd7efd778ba22.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
3 KB 140ms
137ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7605-85e9d31bd7efd778ba22.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:02:21 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 18841
server: Lego Server
age: 0
etag: W/"6572d775-4999"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15962388815565612079
accept-ranges: bytes
content-length: 2993
expires: Tue, 09 Jan 2024 15:02:21 GMT

GET
H2 200 2820-202f6e506eae7595d2a9.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 15 KB
4 KB 140ms
137ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2820-202f6e506eae7595d2a9.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:26:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 14976
server: Lego Server
age: 0
etag: W/"6577d102-3a80"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17164864207422557756
accept-ranges: bytes
content-length: 3481
expires: Thu, 11 Jan 2024 04:26:26 GMT

GET
H2 200 1918-d561770b85deea6d272c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 41 KB
9 KB 140ms
138ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1918-d561770b85deea6d272c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: fe00fe0cd2d9d5daf36801a5e2a5b72a39090003ed239fd412a0e789b2e97c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:57:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 41803
server: Lego Server
age: 0
etag: W/"657283cf-a34b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 7775777287620548700
accept-ranges: bytes
content-length: 9255
expires: Sun, 07 Jan 2024 02:57:01 GMT

GET
H2 200 firstpage-f3bb103aeb28ef2d1af8.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 271 KB
44 KB 140ms
138ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-f3bb103aeb28ef2d1af8.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c694120d4c491494170bc68955792636a4016f9f44d1720818fa6c2ca35888f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:57:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 277930
server: Lego Server
age: 6310
etag: W/"657283d0-43daa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6660767097233955450
accept-ranges: bytes
content-length: 44678
expires: Sun, 07 Jan 2024 02:57:17 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/PCxnvH2-Ug_oi_g4kX2pf/ 27 KB
7 KB 269ms
266ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/PCxnvH2-Ug_oi_g4kX2pf/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: dae6e68572a869a60c0ed61fda94e5e7b4df1bbbc42788ce9bf407dbafafde3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:58:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 27526
server: Lego Server
age: 3561
etag: W/"657bc8a5-6b86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 10058607613691915180
accept-ranges: bytes
content-length: 7036
expires: Sun, 14 Jan 2024 03:58:40 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/PCxnvH2-Ug_oi_g4kX2pf/ 77 B
358 B 283ms
281ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/PCxnvH2-Ug_oi_g4kX2pf/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:58:40 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 15 Dec 2023 03:31:49 GMT
server: Lego Server
age: 176
etag: "657bc8a5-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15720000448127977696
accept-ranges: bytes
content-length: 77
expires: Sun, 14 Jan 2024 03:58:40 GMT

GET
H2 200 NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js Show response
cdn.ocmtag.com/tag/ 191 B
688 B 460ms
56ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4660
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Thu, 27 Apr 2023 11:52:10 GMT
server: cloudflare
etag: W/"644a61ea-bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j658ClsGlnhDIdD03tU%2F49Hzk4eEqQgqP6ftShFMmuiShLuHpiIOy5QnjlZGsXIPn8DxJ4jXGgezUsZ7XXbEVjga4Thvslv6XscPZuvJDzt1nTDcdt72yn5ZAnQo0IaVga4CNw1S9oDYVBCP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83707a1a8b376619-AMS

GET
H2 204 /
beacon.taboola.com/ 0
136 B 293ms
287ms Image
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220056-FRA
date: Sun, 17 Dec 2023 16:17:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1702829854.726948,VS0,VE0
access-control-allow-methods: GET, POST
content-type
x-cache: HIT
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 0
0

GET
H2 200 ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 308ms
46ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:44:54 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 2847
server: Lego Server
age: 0
etag: W/"PSA-aj-i2eaSDRS-j"
content-type: image/png
access-control-allow-origin: https://www.sanook.com
x-nws-log-uuid: 5284222626658349327
accept-ranges: bytes
content-length: 2056
expires: Fri, 05 Jan 2024 01:49:42 GMT

GET
H2 200 joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 1 KB
734 B 306ms
44ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 08:38:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 29 Nov 2023 06:20:23 GMT
server: Lego Server
age: 0
etag: W/"6566d827-4e7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7913557174976911747
accept-ranges: bytes
content-length: 548
expires: Fri, 29 Dec 2023 08:38:39 GMT

GET
H2 200 wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 7 KB
2 KB 305ms
43ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:29:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 12 Dec 2023 05:26:15 GMT
server: Lego Server
age: 0
etag: W/"6577eef7-1a5b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9071152384912474718
accept-ranges: bytes
content-length: 1827
expires: Thu, 11 Jan 2024 08:29:42 GMT

GET
H2 200 wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 309ms
48ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 01:49:42 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "656d3da2-bec"
content-type: image/png
access-control-allow-origin: https://www.sanook.com
x-nws-log-uuid: 17713266133971694561
accept-ranges: bytes
content-length: 3052
expires: Fri, 05 Jan 2024 01:49:42 GMT

GET
H2 200 pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 308ms
46ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:16:08 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 2246
server: Lego Server
age: 0
etag: W/"PSA-aj-MwUb6a4gDP"
content-type: image/png
access-control-allow-origin: https://www.sanook.com
x-nws-log-uuid: 5296172342439060529
accept-ranges: bytes
content-length: 1852
expires: Fri, 05 Jan 2024 01:49:42 GMT

GET
H2 200 ic-findluckynumber.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
1 KB 345ms
84ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-findluckynumber.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 08:41:50 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 29 Nov 2023 06:20:23 GMT
server: Lego Server
age: 0
etag: W/"6566d827-9f1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7055578699997165093
accept-ranges: bytes
content-length: 1107
expires: Fri, 29 Dec 2023 08:41:50 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1967869/ 41 KB
42 KB 306ms
44ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967869/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9f8d122f1588a26ef386a215fd7bd8f37bb8804a9896070302bc872fa5966a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:12:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 3791421795231227830
accept-ranges: bytes
content-length: 42376
expires: Tue, 16 Jan 2024 15:12:04 GMT

GET
H2 200 dd(1).jpg
s.isanook.com/fi/0/fp/391/1959729/ 11 KB
11 KB 401ms
138ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/391/1959729/dd(1).jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

436f0b60b682579b473968657d43c773c7666809230e42b720fc2fc3d047494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:04:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 783
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 15641075663720429611
accept-ranges: bytes
content-length: 11465
expires: Tue, 16 Jan 2024 12:04:16 GMT

GET
H2 200 new_sanook_thumbnail_1200x720.jpg
s.isanook.com/fi/0/fp/393/1967641/ 11 KB
11 KB 269ms
266ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967641/new_sanook_thumbnail_1200x720.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9c33ff539be42e647fd2fa5369a5c2203c88dcc33b50528018f4bd8228cbebab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:17:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 16251212523240016423
accept-ranges: bytes
content-length: 11234
expires: Tue, 16 Jan 2024 13:17:24 GMT

GET
H2 200 p_sport-2023-12-17t115606.4.jpg
s.isanook.com/fi/0/fp/393/1967693/ 9 KB
10 KB 269ms
267ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967693/p_sport-2023-12-17t115606.4.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

98ee3328726e630fb64da0d696d2817005cf609a3404f7fd0761fece533be0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:04:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 744
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 17708035785214540619
accept-ranges: bytes
content-length: 9577
expires: Tue, 16 Jan 2024 13:04:59 GMT

GET
H2 200 matepad-air_th.jpg
s.isanook.com/fi/0/fp/393/1967217/ 8 KB
8 KB 277ms
275ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967217/matepad-air_th.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5bb774fb865da61dae0b65bf25d3c6f9348e2b259aaef923cb042024fe0f5bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:05:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 711
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 8805712947108122961
accept-ranges: bytes
content-length: 7953
expires: Tue, 16 Jan 2024 13:05:32 GMT

GET
H2 200 sanook_thumbnail_2023(73).jpg
s.isanook.com/fi/0/fp/393/1967621/ 3 KB
4 KB 272ms
269ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967621/sanook_thumbnail_2023(73).jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

01e961362810d1c8c1e67cfc8ed95b51a9ce60244da9f896ba8de49f591acb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:17:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 14113183455349275380
accept-ranges: bytes
content-length: 3494
expires: Tue, 16 Jan 2024 13:17:24 GMT

GET
H2 200 03.jpg
s.isanook.com/fi/0/fp/390/1953709/ 4 KB
4 KB 269ms
267ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/390/1953709/03.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5f0d4b3fa98a300ac1b5055301e8df30c479f98ef17134b40fd7d1b6ef7439da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:17:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 10261301012943523689
accept-ranges: bytes
content-length: 4350
expires: Tue, 16 Jan 2024 13:17:24 GMT

GET
H2 200 1200x720_14.jpg
s.isanook.com/fi/0/fp/393/1966321/ 7 KB
7 KB 277ms
275ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1966321/1200x720_14.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e364858ef5498efcd2a89b1ab43ba7c2a450344ae3329695ce115b51b224b9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:40:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 12373528673284022577
accept-ranges: bytes
content-length: 6685
expires: Tue, 16 Jan 2024 01:40:15 GMT

GET
H2 200 h9.jpg
s.isanook.com/fi/0/fp/393/1966533/ 4 KB
4 KB 282ms
280ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1966533/h9.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9490faac2fae857cffea98f418d15c9d5a66f70c57642fd65d77c633de83578a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:08:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 542
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 15897968598757200843
accept-ranges: bytes
content-length: 3593
expires: Tue, 16 Jan 2024 13:08:21 GMT

GET
H2 200 7.jpg
s.isanook.com/fi/0/fp/393/1967737/ 6 KB
6 KB 277ms
275ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967737/7.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

2656439baaa1e22176e27fba2993b54682f99ddf03c7a9e1276ec5c9e113c962

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:00:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 9048938464789091701
accept-ranges: bytes
content-length: 5946
expires: Tue, 16 Jan 2024 14:00:05 GMT

GET
H2 200 gamer_1200x720.jpg
s.isanook.com/fi/0/fp/357/1789513/ 5 KB
5 KB 277ms
275ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/357/1789513/gamer_1200x720.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 05:36:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 17429917496996442631
accept-ranges: bytes
content-length: 5066
expires: Sat, 13 Jan 2024 05:36:15 GMT

GET
H2 200 sanook_thumbnail_1200x720(40.jpg
s.isanook.com/fi/0/fp/393/1967609/ 6 KB
6 KB 278ms
276ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967609/sanook_thumbnail_1200x720(40.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

a95c0b8697df5726a5be46013ce3c4b3673aff2552737e7916d1031445da4a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 09:04:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 265
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 5803842363459291184
accept-ranges: bytes
content-length: 6192
expires: Tue, 16 Jan 2024 09:04:33 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/391/1957373/ 5 KB
5 KB 281ms
279ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/391/1957373/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

b043b201fd72c811f5da5481afa88ad3677eb05254889620391eb6ad0a8b9ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 11:11:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 15521935904412605444
accept-ranges: bytes
content-length: 5114
expires: Tue, 16 Jan 2024 11:11:53 GMT

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
592 B 593ms
40ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:38:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 85748
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 3220139811634321970
accept-ranges: bytes
content-length: 363
expires: Thu, 28 Dec 2023 07:38:02 GMT

GET
H2 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.138&r=stable&domain=www.sanook.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f044c49a5db03bc023e8900a97a4499f6d5c15c8efce18aa9cd289d0e45921f2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Dec 2023 16:17:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35593
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 4OJXOtvygH++zBccUaZV0XOfgRbDIgYy1PqCTxBKmWa5UG4iqGsMZQ45DKfVhfZGFgDfKW7XimiCZYn1CMa4fA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo-sanook-n.svg
s.isanook.com/sr/0/images/ 11 KB
5 KB 304ms
43ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 14:56:18 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 08 Dec 2023 08:45:05 GMT
server: Lego Server
age: 46154
etag: W/"6572d791-2b18"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 4802741675703338294
accept-ranges: bytes
content-length: 4394
expires: Tue, 09 Jan 2024 14:56:18 GMT

GET
H2 200 prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 324ms
39ms Font
font/woff2 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 04:47:18 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 08 Dec 2023 08:44:42 GMT
server: Lego Server
age: 100847
etag: "6572d77a-c8dc"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 4504518106266270369
accept-ranges: bytes
content-length: 51420
expires: Wed, 10 Jan 2024 04:47:18 GMT

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 413ms
130ms Font
font/woff2 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:32:15 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 27 Nov 2023 02:58:21 GMT
server: Lego Server
age: 71753
etag: "656405cd-7a90"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 16690356037796681807
accept-ranges: bytes
content-length: 31376
expires: Thu, 28 Dec 2023 06:32:15 GMT

GET
H2 200 prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 52 KB
52 KB 323ms
39ms Font
font/woff2 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 01:31:03 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 28 Nov 2023 12:27:27 GMT
server: Lego Server
age: 0
etag: "6565dcaf-cf40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 6052217704999676838
accept-ranges: bytes
content-length: 53056
expires: Fri, 29 Dec 2023 01:31:03 GMT

GET
H2 200 prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 323ms
40ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:00:44 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 29 Nov 2023 06:20:13 GMT
server: Lego Server
age: 0
etag: W/"6566d81d-c930"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 859497682698655975
accept-ranges: bytes
content-length: 51504
expires: Fri, 29 Dec 2023 10:00:44 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 403ms
120ms Font
font/woff2 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:47:22 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 08 Dec 2023 08:44:44 GMT
server: Lego Server
age: 0
etag: "6572d77c-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 15459256572237820912
accept-ranges: bytes
content-length: 32244
expires: Wed, 10 Jan 2024 06:47:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39a8c3d51f1e7e9cd489da87221cc4d8bc854a4de9b3dc15d000231b37cc3cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 16:17:33 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 3 KB
2 KB 181ms
82ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1702829853494&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&auid=1128908288.1702829853&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

cc37a5c347dd6d2cdd206b898667a8582f0b9eb42823c88735238b344ebab4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 169ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1702829853499&cv=11&fst=1702829853499&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1128908288.1702829853&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f13c32ec22cd93dde4f5d90bd0804431b827940b8273bc4786bf790f975bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 15:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3308
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 17 Dec 2023 17:22:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 189ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1702829853538&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702829853538.1801410464&ler=empty&it=1702829853435&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Dec 2023 16:17:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 133ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3bt0v888883767z877572129&_p=1702829852999&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=984302906.1702829854&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1702829853&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1702829853490.7zm34vaq&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0&tfd=2120
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 147ms
48ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=984302906.1702829854&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 162ms
65ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=984302906.1702829854&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=99108105

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base-icon-v1.0.50.woff2
s.isanook.com/sr/0/fonts/icon/ 44 KB
45 KB 89ms
89ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.50.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 06:46:01 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 29 Nov 2023 06:20:14 GMT
server: Lego Server
age: 0
etag: W/"6566d81e-b12c"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 17710248689299261789
accept-ranges: bytes
content-length: 45389
expires: Fri, 29 Dec 2023 06:46:01 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
247 KB 143ms
44ms Script
application/javascript 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:17:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=121896
accept-ranges: bytes
content-length: 252083
expires: Tue, 19 Dec 2023 02:09:10 GMT

POST
H2 201 activity
t.ocmhood.com/v2/ 0
266 B 165ms
74ms Ping
application/octet-stream 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGaa9Oq2xB%2BDynE5HFFQqQshz%2Frvo7VygMw%2Bh9EL4ceYWT6IozLVsU2WSNQetbsfOCAj2cwE5iS5DkHrxnd%2Fb74Y4WcyPARV3nkiwSm8RAAOockyGwynmRD212d52oInEdflz7%2FXWoX6AeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 83707a1ccc3e1911-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 201 activity
t.ocmhood.com/v2/ 0
436 B 148ms
68ms Ping
application/octet-stream 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKt0MROVxDzb%2B2tkJGnMkkJVYtG7Ta391wxT6irIOW8%2BwNx%2FLUjQfIxB5kL95xxDhg7AmQnTmffwvUyJfp1MOmU0EKwG7JYZVvzx9xZU4VotChc1ig%2FoLMv%2BqDjnh258g8w8zeL0zzIV5Pc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 83707a1ccc401911-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 /
beacon.taboola.com/ 0
77 B 47ms
47ms Image
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220056-FRA
date: Sun, 17 Dec 2023 16:17:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1702829854.062746,VS0,VE0
access-control-allow-methods: GET, POST
content-type
x-cache: HIT
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
64 B

53ms
53ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1128908288.1702829853&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VjVHNnUVJpYzNBMl9ITnZrQklTZ2ZRc3NEemMxamEzN2ZVS2JlUzdwanlMaWcaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tc3JBblllRGZrQVJoOWl0ZGZ3MlpxTTBaQk83azh3YnFPZzdTU0RNUHBidGFLMXY4Qnc3SWJtQSITCJmMvcTvloMDFSoIogMdMWYFHQ&is_vtc=1&ocp_id=HR9_ZdmJPKqQiM0PscyV6AE&cid=CAQSKQAvHhf_27I2zuKJfBavVZpOOrMYbX1fahBG-ARmvyNMpngUy08Cn4ec&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzi_jm7jTqNCGh5CThcFp44Oks25LxW_c0w&random=3284570421&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1007499765/?random=1062747507&cv=11&fst=1702829853494&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1128908288.1702829853&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VjVHNnUVJpYzNBMl9ITnZrQklTZ2ZRc3NEemMxamEzN2ZVS2JlUzdwanlMaWcaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tc3JBblllRGZrQVJoOWl0ZGZ3MlpxTTBaQk83azh3YnFPZzdTU0RNUHBidGFLMXY4Qnc3SWJtQSITCJmMvcTvloMDFSoIogMdMWYFHQ&is_vtc=1&ocp_id=HR9_ZdmJPKqQiM0PscyV6AE&cid=CAQSKQAvHhf_27I2zuKJfBavVZpOOrMYbX1fahBG-ARmvyNMpngUy08Cn4ec&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzi_jm7jTqNCGh5CThcFp44Oks25LxW_c0w&random=3284570421&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 48ms
48ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1857330203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=556846134&gjid=1996693104&cid=984302906.1702829854&tid=UA-8147095-6&_gid=1495663451.1702829854&_r=1&_slc=1&gtm=45He3bt0n81PNXLXRSv77572129&cd4=0&cd12=1702829853500.7hf4q0jc&cd22=firstpage&cd23=indexpage&cd43=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1965516911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 7634 236 B
399 B 674ms
462ms Document
text/html 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-eb1165ea7721a933cb0e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 145
cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 192
content-type: text/html
date: Sun, 17 Dec 2023 16:15:09 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid: 7631292456390066173
x-page-speed: 1.13.35.2-0

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 1425ms
243ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967869%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967861%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967749%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967853%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1959729%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967641%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967217%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967621%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1953709%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967609%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1957373%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Sun, 17 Dec 2023 16:17:35 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 1411ms
237ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967869%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967861%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967749%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967853%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1959729%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967641%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967217%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967621%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1953709%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967609%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1957373%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Sun, 17 Dec 2023 16:17:35 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 17 KB
17 KB 39ms
39ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:17:23 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 28 Nov 2023 12:27:37 GMT
server: Lego Server
age: 0
etag: "6565dcb9-428b"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 11855006117351007471
accept-ranges: bytes
content-length: 17035

GET
H/1.1 200
OK sanook_trend Show response
sloth-api.sanook.com/api/ 909 B
1 KB 1573ms
226ms XHR
application/json 203.151.130.72
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=473008
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.151.130.72 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 72.130.151.203.sta.inet.co.th
Software: nginx / Express
Resource Hash: 878c87c5d3e390a2b035362cd95500c82a86d480c8e82164dba82385f0185dc3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Response-Time: 0.625ms
Date: Sun, 17 Dec 2023 16:17:35 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"38d-KXIef6PXSvEimBwO1JvHnnXpdf0"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 909
Expires: Tue, 16 Jan 2024 16:17:35 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 6 KB
2 KB 230ms
229ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-eb1165ea7721a933cb0e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

ec6bfa1a7829b5bc2346d4d4fe55076442c88a688b78b8e048e4e78d2771db2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 17 Dec 2023 16:17:35 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
ETag: W/"19ca-ct1Vy9xBmQ/ZBiYu7bxCXE0utrs"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 6 KB
2 KB 224ms
224ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967869%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967861%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967749%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967853%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1959729%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967641%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967217%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967621%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1953709%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1966533%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967609%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1957373%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-eb1165ea7721a933cb0e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

227e3aaf68e061877bec62f5cdfc357daa7e880ef97481b6b58ead38491bbbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 17 Dec 2023 16:17:35 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
ETag: W/"17e0-u4PppNepqOblATziFlXsSjn40no"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 536F 15 KB
6 KB 129ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 325430
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
10 KB 2566ms
244ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
ETag: W/"5fb26696-62be"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 16 Jan 2024 16:17:36 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
455 B 136ms
54ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1702829853499&cv=11&fst=1702828800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_HbqTChe2NHlny4TGLk9OC7CNLWnbyA&random=672558739&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/408516141/ 42 B
154 B 50ms
50ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/408516141/?random=1702829853499&cv=11&fst=1702828800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_HbqTChe2NHlny4TGLk9OC7CNLWnbyA&random=672558739&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=984302906.1702829854&jid=556846134&gjid=1996693104&_gid=1495663451.1702829854&_u=YADAAEAAAAAAACAEK~&z=286849934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
83 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e74dd3e4008f14b890f198e3d55e41819f7b84004802dbc06905e53dcd62522a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 16:17:34 GMT

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
292 B 225ms
225ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=XWBFy2wEhYxUIOC5UYxOcQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=C5081AE1.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 115ms
98ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=984302906.1702829854&jid=556846134&_u=YADAAEAAAAAAACAEK~&z=1458454369

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 62ms
62ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=984302906.1702829854&jid=556846134&_u=YADAAEAAAAAAACAEK~&z=1458454369

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 369 B
613 B 130ms
43ms XHR
application/json 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 14:39:58 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=8625
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 208
expires: Sun, 17 Dec 2023 18:41:19 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 159ms
44ms XHR
application/json 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 16:17:34 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 90 KB
29 KB 218ms
124ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94dfca5e1c1e2144856593f12684f74da76179d1d681fef333a55f2913d8d1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29565
x-xss-protection: 0
server: cafe
etag: 121 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:34 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 536F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=iZK39XxBWXN1WE5adnR1NkkvYjN0VzE5ZDdYdyt4NlJsWTkxc2tNK2M4Y25TKy8wcUlkTzY3MXoxZkZvYW1oaUg1YkRqc1BZajVGeDg3NjFIMk1CdzJsV1dob3AvSTFiK2czSU83bmtZakJ5dnJuOEpoQmQyOExUaC95V3...

433 B
652 B

43ms
43ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iZK39XxBWXN1WE5adnR1NkkvYjN0VzE5ZDdYdyt4NlJsWTkxc2tNK2M4Y25TKy8wcUlkTzY3MXoxZkZvYW1oaUg1YkRqc1BZajVGeDg3NjFIMk1CdzJsV1dob3AvSTFiK2czSU83bmtZakJ5dnJuOEpoQmQyOExUaC95V3dzdXFKK0hlOWJRbmNUTkIyZ29uZkJpTGYvL1liN0RBZm9VTDM4Mk5meE1PMzB2MlcwRW1MaXd3cmZ1T1N5MTlGY1JoSmJ6VzJ2NTE2KzVyTExrR2ZCR3NZTG9PZDdIVFpmWU1HQ3haV05BMU82RFZwZFdQS1lDaHMrdW9vUzdiajcyWE1pU1BRZ1RlSmxZMGxHMFh5OGdwVERBWENRQT09fA&cppv=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e0f70c196f0e6fd6c0e9497434f48dc65b478d09d487dcdc2012217671d3a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 991457
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=iZK39XxBWXN1WE5adnR1NkkvYjN0VzE5ZDdYdyt4NlJsWTkxc2tNK2M4Y25TKy8wcUlkTzY3MXoxZkZvYW1oaUg1YkRqc1BZajVGeDg3NjFIMk1CdzJsV1dob3AvSTFiK2czSU83bmtZakJ5dnJuOEpoQmQyOExUaC95V3dzdXFKK0hlOWJRbmNUTkIyZ29uZkJpTGYvL1liN0RBZm9VTDM4Mk5meE1PMzB2MlcwRW1MaXd3cmZ1T1N5MTlGY1JoSmJ6VzJ2NTE2KzVyTExrR2ZCR3NZTG9PZDdIVFpmWU1HQ3haV05BMU82RFZwZFdQS1lDaHMrdW9vUzdiajcyWE1pU1BRZ1RlSmxZMGxHMFh5OGdwVERBWENRQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 269596
content-length: 0
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3bt0v9134475311&_p=1702829852999&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=984302906.1702829854&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1702829854&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1702829853500.7hf4q0jc&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0&tfd=2947
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
49ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=984302906.1702829854&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=984302906.1702829854&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=966104354

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 161ms
39ms Script
application/javascript 23.215.19.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-19-214.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.1
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1174505
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
Expires: Sun, 31 Dec 2023 06:32:39 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 134ms
43ms Script
application/javascript 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:05:41 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 42460
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8NEzzGdD2Z98qS-zm6sEXiYGv6Jk-G1U4ZHJeXMgRoEfRMfl07ZdKw==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 48ms
48ms Image
text/plain 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702829854572&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:34 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: sKh6_N8UK_SOCKfmGNSFWXA173WJ34yIXTV3SJyHemoVBASriIjZnQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 40ms
39ms Script
application/javascript 23.215.19.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-19-214.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.1
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=742512
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Tue, 26 Dec 2023 06:32:46 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 80ms
40ms Script
application/javascript 23.215.19.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-19-214.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.1
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=291933
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2870
Expires: Thu, 21 Dec 2023 01:23:07 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
726 B 1411ms
196ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: a66a935c99f0b6fc015a1ccc026d7be4d9c2327b98b019ec1bc758c16491f325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 16:17:35 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
432 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:14:16 GMT
x-content-type-options: nosniff
age: 10998
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441821
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Dec 2024 13:14:16 GMT

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 7634 8 KB
3 KB 39ms
39ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:53:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
age: 834732
etag: "582e8029-1e6a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6432008336478489159
accept-ranges: bytes
content-length: 2483
expires: Tue, 19 Dec 2023 10:53:33 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 147ms
62ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=62259715725

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 147ms
63ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=67277817793

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 145ms
66ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=13275420369

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 140ms
45ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=861
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 141ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=74
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 155ms
69ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c0a0f5ed97eea83fbeb45c20d834d703773f091515ae28d250b8d5417b4f4f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g1NteKzt5dLN2ihiBBPc0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-g1NteKzt5dLN2ihiBBPc0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 42ms
42ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 43ms
43ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 11 Dec 2024 16:17:35 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 45ms
45ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 11 Dec 2024 16:17:35 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 45ms
45ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=460
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 42ms
42ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 73 B
368 B 174ms
50ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f6e3bbfc-63da-4574-a287-c5cd08d2542a&nocache=1702829855189&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9322efdae2c5486beff5f47153438ab4d03e1f72ae8837c75b6684f27d2edd10

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 55ms
54ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=830
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
380 B 402ms
271ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 370 B
884 B 221ms
120ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.39.0&x_source.tid=f6e3bbfc-63da-4574-a287-c5cd08d2542a&l_pb_bid_id=1440c8430c192ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.29858572892461743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 107e290e7dc990c5e7d752e1703fc75ba6a4028b90f9833730ef8e7ce801dd38

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 370
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
546 B 186ms
120ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020056baa8b9a077e7d01ac15265b4708c74c0e6d9681a93f2f5a74e68006631

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eFaVhyPdwWsMl4Ord2dnJk6EJ%2F7GI9QUkWyo0r8s8pJWTRtBeaLSNK14Wj9KKYXKFVUqk2obaMpC%2BjYogjRX%2FOpR4WU4Q3LFuz9xzlG63lQU2MTeG5ydjqWjZrVIh4ErIFDIjFh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83707a237e832671-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 400
Bad Request hb Show response
rtb-eu.andbeyond.media/ 22 B
264 B 152ms
47ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.sanook.com
Date: Sun, 17 Dec 2023 16:17:35 GMT
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 22

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
699 B 142ms
45ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d89a94b5974cdd891c4bfe752ec0ca47c9c180ffa169560044baf30162cfa869

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
an-x-request-uuid: b0caf05c-a3b9-4b2b-9123-dbcba223e068
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.100; 80.255.7.100; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 42ms
42ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 45ms
44ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=530
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
380 B 312ms
203ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0F39 16 KB
6 KB 44ms
44ms Document
text/html 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=23259
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Sun, 17 Dec 2023 22:45:14 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2055 16 KB
6 KB 45ms
45ms Document
text/html 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=23259
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Sun, 17 Dec 2023 22:45:14 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AGSKWxXG3XrsrNk1ikdGH0d9egTl1NGeZwMFO3ndRDsN6U8SyMjRXSYREhKh33q1hmggvzYelPJBzHUg5wmYaq28Sb-pwVnwNOhZ9vQ5ExUdkvAsShU9-H93lgZEkRE1fa2zxiuIinn-Bg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXG3XrsrNk1ikdGH0d9egTl1NGeZwMFO3ndRDsN6U8SyMjRXSYREhKh33q1hmggvzYelPJBzHUg5wmYaq28Sb-pwVnwNOhZ9vQ5ExUdkvAsShU9-H93lgZEkRE1fa2zxiuIinn-Bg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODI5ODU1LDI2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2327a8d8f9653319821ce97921eca3b041216c75909261367d9f94fa175b11d7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xbqhqc_sD0PPjqd76kt_2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xbqhqc_sD0PPjqd76kt_2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 53ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 16:17:35 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 180ms
86ms Script
text/javascript 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 04:16:08 GMT
content-encoding: gzip
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 43290
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UeD3fEgyrUDoKwBGBmagU1nOEzzAE0A-XgwoKeC89YVsIzVFsYxi4w==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 146ms
42ms Script
text/javascript 2600:9000:243d:cc00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:cc00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 17 Dec 2023 06:19:35 GMT
Via: 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P4
Age: 35881
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: qr9Je__l-fPMKHuxj9pO__zySG3nB33S_T3kdnO4uoIMXOhSGA2Ujg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 125ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:27:07 GMT
content-encoding: gzip
age: 942628
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:27:07 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 135ms
52ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: N1Q6XNMTB1RT927G
age: 2522
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83707a2429532c25-FRA
x-amz-id-2: H5yLzTS5rv+zfAJ5GHpITZE7EAwxhirbEOBmJ+YCokkf7tagMf3Cx7FYsKZxkb/38g29R0nBoyQ=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 132ms
49ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37034
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BEVaB66QfyAnshbOq7PAYg1LUxL4qIG6e3bUc0liGIxu5JxBceZtUOUwvApXvHjQRbl5V8B8lVvSyQ7exyCbd3Dg4O%2BrfWR2s4%2Bq%2FGIiqH%2BBEfN6VT%2BhaO1TlOpXqdYAc0n9D9qe%2F1jIItlas8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83707a242e6718d1-FRA

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 101ms
100ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3803259911129503&correlator=1752736152877171&eid=31079956%2C31079958%2C31080121%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&didk=2096832710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702829855273&lmt=1702829855&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=984302906.1702829854&ga_sid=1702829855&ga_hid=1857330203&ga_fc=true&dlt=1702829852980&idt=2020&ppid=2bf31786374ae750e100bc81857f213f&prev_scp=category%3Dall&adks=345054422&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766a984719a042da3f63d970ca448ff8f22f6b879babcb0fbe9083991db464f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12518
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138452573066
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 570 B
374 B 244ms
243ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3803259911129503&correlator=2248844620884750&eid=31079956%2C31079958%2C31080121%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=2&didk=1874942343&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702829855279&lmt=1702829855&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=984302906.1702829854&ga_sid=1702829855&ga_hid=1857330203&ga_fc=true&dlt=1702829852980&idt=2020&ppid=2bf31786374ae750e100bc81857f213f&prev_scp=category%3Dall&adks=908668280&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7cd3ef9d27fc08613f249a665c61277cb5c92230ac4c70d9e6600c87a35cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 87ms
87ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3803259911129503&correlator=2820947446708183&eid=31079956%2C31079958%2C31080121%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&didk=498303881&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702829855282&lmt=1702829855&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=984302906.1702829854&ga_sid=1702829855&ga_hid=1857330203&ga_fc=true&dlt=1702829852980&idt=2020&ppid=2bf31786374ae750e100bc81857f213f&prev_scp=category%3Dall&adks=3448326100&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbbee535e64f28afbcf1031ec8f00447d7c0ec9791d08f994bcb51835e88f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25370
x-xss-protection: 0
google-lineitem-id: 5808934477
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367631687
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E866 6 KB
3 KB 149ms
48ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Mon, 16 Dec 2024 16:17:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0F39 0
42 B 131ms
41ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69556063&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-length: 0

GET
H2 200 AGSKWxVGjEnZP9PxyIEDEWVjsJE2_h_wiNjgvNm6wlSu37mUsNqwKdmW02SPs5l-9agMZ9G-AWicWsry6eqLSkxtmNI5LNIcojWiFQ7q9xQpJNTNeqKG_3xxKoRMOKDvQ-4THipHGk9Rvg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVGjEnZP9PxyIEDEWVjsJE2_h_wiNjgvNm6wlSu37mUsNqwKdmW02SPs5l-9agMZ9G-AWicWsry6eqLSkxtmNI5LNIcojWiFQ7q9xQpJNTNeqKG_3xxKoRMOKDvQ-4THipHGk9Rvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODI5ODU1LDM0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b63098fff186da20d72d50a2fb1746e60292353086833e835d7db6f6cf18ca5c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2LdJBxHbg_qKIze3b-pNRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2LdJBxHbg_qKIze3b-pNRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE0A 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuacCEGTeCOnsWWZYFH2bX9yGXF0E8B5gxzDXDiwz30_CKvrrbSpFuQROmDbQ-Hm5n9CEFjy4wLohb94GvXnt25kceSoI-EDcOk1Bp2aX5PHQs_51iQhPgKCiMrkTcY7gW_FWk5On5McQyIIgz6U0E8Kiq-xtvTrvkH_CwrmKq54zrxG52bt7D3abTVoMxt34J1Bia2NqTt1EiSfx1z28w5RMHkkQoj4lnOrHozirh6a9GzTorWTX39EgnyvtZNAR2rLZ5Dub5KOzuttleRtMr643Zo-_4rKWuN87HVPyUMOM6vCjYCaVmrFvH54t03Je-aE2AVCobb5ISRO8YD82LPJLIzWNKRXYiaizcSaXlxDg3dNSj0bMMbwiM&sai=AMfl-YSvqqUWxCyaRaVLhZBieNqGM_2kC8TqfFVXAHmV8oJyOi9Z8EswzLSW5ZlgThwwuBfBrlT-GrupnvYJvNBfQ3XoFtU5Y2NRzo5Ql7CmYguukBtsmEpgeTL7uVg6fW8Gs6uSwMY7YECT4m4CdsEF&sig=Cg0ArKJSzGFCleDliuVMEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EE0A 23 KB
9 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EE0A 3 KB
1 KB 131ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 08:14:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE0A 203 KB
65 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2 200 13332405622009641768
tpc.googlesyndication.com/simgad/ Frame EE0A 108 KB
108 KB 126ms
47ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13332405622009641768

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9fa86da3afec7c9a668c72d497e4fc08cc18e217aca94001a42459ec7add5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 19:55:51 GMT
date: Fri, 15 Dec 2023 19:55:51 GMT
x-content-type-options: nosniff
age: 159704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110242
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 08:57:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame EE0A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYPJjXtRnQ1JEpuldEpIEb9QNG8NytbUerUnN8gYb4pdIBR9A3vH_DAJx5Dva9qIPt_s0A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EE0A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1980c0bb257d9dedcdc4259dc839235de4e711103a96c1d9be971cae6783a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1E0 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWXXFU8AX1y4IaiPvBmW-X3UBzIshnOWozubIz8n9fRpTLCyTCXzqcGP3dAUOogAL6v70Kd3ms5dTg7tCItEJRNKmk1AQU3fUal1HDB_1JJ5fVSRrmSVDTOx73C1cSm1PJhEIN3eRQCCBhFr-c1M-_6DJvcAsmxAze5TaMBHcVS1FjkMXLDoomguruPHAb8WkGaclQS6RfmGAh7JNxgoVywx3uhY0T9ZtbLMTNDAYmTN3V50DcjTZI1frD21ZbJegpgRqVPQh0XGj7oMZCmgsCg4KBZZGLdB-lOTGsWLfeuFWhJ-OZis-HE82Gvyg_Hjihons0q7_JubiWnZecPdwfkDfF0pHIB7jHnektXfRqgf1EmiGM0w3nhQxi&sai=AMfl-YRv8v0A9yO9PAZI6-AmrsMSGYK8h64UlMtlHP-7R1_5WJmTfaoxNjA3SW23xiGrfOxeiOQp0EWkOiLHCJBwOoflTi9pmrig9e6TTdiDKQu2Jd3BbJ5gciEx6U1ouK_YJxSch6z2aFMSwoDl-Q8XH_c&sig=Cg0ArKJSzArdTihJUypTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E1E0 90 KB
29 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5340106943b6cf74d0e557617764eb412114888f57530f15967853730f7aeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29565
x-xss-protection: 0
server: cafe
etag: 347 / 19708 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1E0 203 KB
64 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1

85 B
194 B

154ms
153ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bdf54f2412ac33a508ffbe91eb947c135521fd7f82fddfbe198ff83836c59832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-SQmy5vMw+AZft03C9j1nX557Psg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 17 Dec 2023 16:17:35 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.sanook.com
location: /esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 424ms
55ms XHR
application/json 34.251.84.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.84.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-84-60.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ac21498fd45945795cafa9100c0b530de3b03539ee3d212d7f1ab1e6d0b228bd

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.28.185
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
175 B 362ms
361ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3803259911129503&correlator=3985103106642985&eid=31079956%2C31079958%2C31080121%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=4&didk=3402878631&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Daf77bd343ae492f9%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MbGRMSHPHNrR50HPIK5-G2O9h7U2Q&gpic=UID%3D00000d1e124cfe5d%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MYiqMYMBWlowqV11Ctwmvw0SzhdFw&abxe=1&dt=1702829855541&lmt=1702829855&adxs=0&adys=1811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGskR-fbtv5qFeRAY112BK20rXVnL1W__WKbZq2qCmRqfQHN0u1BGRtopnzcvCRVg6psT6PjAmF4mx0ODZJdPf5ZnAqEudNxrzIjrGINuP08WkrnjszhXZ3A%2CAOrYGsmDUoSQZmBGYuJz_XwTV_l6OffZq-kuvRyrVB_P84mO2leMkTEfucI_Wo87ZdpxaQLSXpPUOPaTFin8oWOx8iRG8RRw7UZWOhXOcanIWSf-YQ&ga_vid=984302906.1702829854&ga_sid=1702829855&ga_hid=1857330203&ga_fc=true&dlt=1702829852980&idt=2020&ppid=2bf31786374ae750e100bc81857f213f&prev_scp=category%3Dall&adks=3667654068&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd1b9bcd79a953c779d560fa9326e70b7d2b15ed8d6eae6fba970d9de764b4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 79D4 0
82 B 92ms
86ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 17 Dec 2023 16:17:35 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1B11 3 KB
2 KB 106ms
41ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 373
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83707a25a8f744f2-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Sun, 17 Dec 2023 20:17:35 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 12C1 281 B
555 B 129ms
40ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Dec 2023 16:17:35 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BB95 52 KB
17 KB 137ms
39ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38765
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 17 Dec 2023 16:17:35 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 494, 229146
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220096-FRA
X-Timer: S1702829856.671056,VS0,VE0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame E1E0 431 KB
135 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61121
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 15 Dec 2024 23:18:54 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 127ms
40ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 356ms
356ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3803259911129503&correlator=1016715032198277&eid=31079956%2C31079958%2C31080121%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=5&didk=4218483591&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddfcd3b7e2d1d4ec2%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MZRbEcMPsqLEAB8VRbCaf03FqIi7w&gpic=UID%3D00000d1e132ddd63%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MassMQqMVpzKv_gydIUHD-np9_8lQ&abxe=1&dt=1702829855605&lmt=1702829855&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGskR-fbtv5qFeRAY112BK20rXVnL1W__WKbZq2qCmRqfQHN0u1BGRtopnzcvCRVg6psT6PjAmF4mx0ODZJdPf5ZnAqEudNxrzIjrGINuP08WkrnjszhXZ3A%2CAOrYGsmDUoSQZmBGYuJz_XwTV_l6OffZq-kuvRyrVB_P84mO2leMkTEfucI_Wo87ZdpxaQLSXpPUOPaTFin8oWOx8iRG8RRw7UZWOhXOcanIWSf-YQ%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=984302906.1702829854&ga_sid=1702829855&ga_hid=1857330203&ga_fc=true&dlt=1702829852980&idt=2020&ppid=2bf31786374ae750e100bc81857f213f&prev_scp=category%3Dall&adks=4033539290&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf9396f2dceb8c82ff00c0ac4dd321e787ab337fd90789c21651cb127997adce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14713
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE0A 0
0 157ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL90LeV89c7RQfMGuWcmwnoA0ISWIMyAdgnaFq3gsIdVmQ4Gp8hktiIQZ8aTjZUDkF3vegQx-wLlvJQangopuCOcSg8jB-8GNk47WRsEDoTBZMoLaLrW6q-PpNC9qdUWUvqPuAGUqkJ85BRyi9wZ-MOUbwnHPReFHdWg03G-KJNxvL9cp-iQVgItfNO332SvvuOeROL0hh819LGmNKwTJfFajDgcIO2nozU5XUp-_T397zqYiRBqqJpPO-40Z9U-jV13qIxeMl5NzOp4D3F8MS-Qx4H_tCTOPHO0j-BGlWeeNveSLJd4hvG0Cfq8TSD1ge3L3miJOSmdK8BV7OadJyA99EwfbFrZnzo5ZL0q2WUuHR_4tYAKAjGvh8tw&sai=AMfl-YQUaBW_iiAAIx4MQmV_EKYWUQ9931OVDuFRys_Oc6bi6chCxLUv91APRxPaA9KNfJ0ximMpb8UJQf-QM7vV27GVtGMTzdwHtHK6umFCOzdnZGfEJsAnSTyZV4vs8dAKXVEDg4BW0RASRfzF3iQ-&sig=Cg0ArKJSzASRvthT8T3fEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
807 B

71ms
70ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00eecfe21da5ebce40280fea44aa14acdfe37daccfc48595f2ae4700fa4840e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83707a266bee2671-TXL
content-encoding: br
content-type: text/html
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhM5%2BO%2FVvz73EqFbcGPAHFkh9pF8nlAX50cyL3xag9MHOYJAdtHj783tNReiEhDeY09kVWbMR4oY0qDdlGvj0DpKeCI9QB%2FPfT9kndABDMRKzT3k7QB1CR5lsdCmUTYgNvUTqsRGZKPUpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83707a260b182671-TXL
content-length: 0
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: 0
location: /usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cjJVcs0%2FxfPxrqmq5NqvxZPjuTmyFtp4VXtJMLHapCztoXWS6xX9Rh%2FT6Yg0G0Fx9muLCcwSKW%2BBeTCO7PKRfrYrFjbTh0bFerbTaJgVUG3y40tAKXu8DycHB006RwUhQWqIFXOJwEhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 12C1 45 KB
13 KB 42ms
42ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ef99872383d06605558112058dcaf932036b3685ed092edace07b1266e4d39fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 04:52:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45327
Connection: keep-alive
Content-Length: 13201
Expires: Mon, 18 Dec 2023 04:53:02 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame BB95
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
644 B

46ms
46ms

Script
text/html

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
an-x-request-uuid: 50625402-1774-4359-aedc-5fadda5f503e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.100; 80.255.7.100; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
an-x-request-uuid: 56108e3d-40ad-4da5-95b3-78e1b8d3f499
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 12C1 7 B
380 B 184ms
42ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1E0 0
0 81ms
81ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCUdjA6-9rObadZxbO_WFkosJ1inNnmj_5f-P10aXDPGRRl-LV0gTy1wR0uPOGTdrm0U3_Frig0P2ggwAP0123d2pn8qJRPDc4eK61DUniwcGPPsgeXLehtzbaG0tIvEhxroW74Fz3CWPtIHXOIdl7nNCZ_kSLk004pst6Nry-ry0Mw4LzFiSZhgvMIctYl9H2D3kYpmBuSoy3a1b2qo0gfM2DUl2yq4ujqGEE58vIpbFCoH3li2_aAr_vWxTH4r-5XM1lWOhG_3irus28wKA3s8OE3dmvG30YNe84-M3gN9oNz0Ll49y6RK8b_FbAV6S3yv0a_12Cp_mwoMHXGiNr9Y28cN0zJGrk6DH8CuYlIQEaJIAPINu1XHswyLs&sai=AMfl-YTgcG2CFP_oyUv1Se5Ze-7s-MVd_6jdkLmaWn7LqxORgQ3OTI4Di1p7V9DrBd8nVMOHO0hRSmdRtfBoreLn8_Jt4W0vwo2bkWmwF7Yr8r0hKg9_LRSkUeSk1cIqocgbLmMfFJ-J0KbB1DMQnT74eEQ&sig=Cg0ArKJSzGctqztREmpDEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Dec 2023 16:17:35 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E1E0 966 KB
103 KB 117ms
117ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2589693463768830&correlator=2753275174247057&eid=31080056%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3Ddfcd3b7e2d1d4ec2%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MZRbEcMPsqLEAB8VRbCaf03FqIi7w&gpic=UID%3D00000d1e132ddd63%3AT%3D1702829855%3ART%3D1702829855%3AS%3DALNI_MassMQqMVpzKv_gydIUHD-np9_8lQ&abxe=1&dt=1702829855763&lmt=1702829855&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=wr1hrqh07bug&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=984302906.1702829854&ga_sid=1702829856&ga_hid=10500022&ga_fc=true&dlt=1702829855405&idt=336&adks=178697795&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a5f16260df4c9d11eeb9d1ffe5416a54864a6b850c52dbb65f6ad7bece2c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105506
x-xss-protection: 0
google-lineitem-id: 5849485604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373690262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E1E0 16 KB
12 KB 178ms
92ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35230b8d720cfa178fb689ef80985e67db044b7c7b4119f5141c10c19855e36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H2 200 container.html Show response
4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC55 6 KB
3 KB 74ms
47ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Mon, 16 Dec 2024 16:17:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 840E 70 B
149 B 174ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX8fH.fbsVhOf3aYSGRgMgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFvWJX6vbzk9vqMHs2_Itag&google_cver=1&google_hm=2

43 B
733 B

80ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFvWJX6vbzk9vqMHs2_Itag&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGRbRyZWQyLc75mNPtAPW08k3w11PNVzR7NvehS%2FTIY5SPlgqknUqa0SQ6kIW20HrntPHV0zAM4M0ukhR00lNaKn%2FSjWPVUGgj%2BAeMwA5nC%2FIPKhMardftXLybq66SgZz0B9cv3mlWOIlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e7fa658e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFvWJX6vbzk9vqMHs2_Itag&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfh9zWqosTouxioyN9zRK0&google_cver=1

43 B
768 B

100ms
99ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfh9zWqosTouxioyN9zRK0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPCEWaSsbZtmU3aqG%2FVJIkW78Tmd3xlPfnf8FFkkt0FwryHE4Bkflb0SUH1sukhOQlcdr6LhQX19SFx4sJ2c9%2FXLvLeaQzGfLq0KnmhwoQs2NRZIYGOhb%2BDymlI1TXhL6MXcSWbPLgNZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e2e8f58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfh9zWqosTouxioyN9zRK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 840E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

137ms
136ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8K6XTQBSY0V7TQ9FGK0M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GNQN3BZ6YECDA1Y473TN
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX8fH-fbsVhOf3aYSGRgMgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZX8fH.fbsVhOf3aYSGRgMgAA%263257
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=588cc097-199c-4952-ae53-21289a95ce49

43 B
731 B

114ms
113ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=588cc097-199c-4952-ae53-21289a95ce49
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7RmPH1A6PBblVWH%2FVzj26Z%2FAbrxkT9bdxDA926lHOtW2CMpt67TzN5zf6beNLNTdIzopkgDTxEqML1ahBt5hQxqcCcBPkJCQnb9f8pRY2PV1qd8F36jRjXYCJ3CVC2Pvu5Q35m9zvsVzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e2e9758e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=588cc097-199c-4952-ae53-21289a95ce49
Date: Sun, 17 Dec 2023 16:17:35 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3693379d-a04e-4360-adb7-96138a7fdcae

43 B
729 B

106ms
105ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3693379d-a04e-4360-adb7-96138a7fdcae
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beW3u0CGhnNohLLsh2LJj6MtTu9Yp7I7vKtBWYCTNOC2TkgqTuSES4phSOGgH2umm3Ml9tJNGgSzhQccO5OGR6RolWb4MNyKXrbdRLj9wzBQIK3cbqEzpn7ba5KvHNDjKgctGYBdlLOw%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e2ea558e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3693379d-a04e-4360-adb7-96138a7fdcae
date: Sun, 17 Dec 2023 16:17:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928925621731

43 B
733 B

101ms
100ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928925621731
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n59zglvI4B7JkpnB%2BNg%2BY1lCmMFwiE2myuofWkV6Coz3BxW%2FNF4z3TtNLA0dMH2aHbBF52hO7UCFlc%2F4JRU7vR60dX0VUPZPC9rbiJBXEscFhDxfIr9P6ahl9D9JBH00UrU0WSONqR3erQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e2e9c58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928925621731
Date: Sun, 17 Dec 2023 16:17:35 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 840E
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bd7f22a130c14b18b7d2a891650def15&expiration=1705421856

43 B
727 B

116ms
115ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bd7f22a130c14b18b7d2a891650def15&expiration=1705421856
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hd1IshzwSH4sRBo5TCO5XjiazJu7d46HTCy9IdlNuyX5VdGyDJdarym3eHOuo8FE04B9ZgAV1uT7HX0I7ZrVAJGpU6thUGmarqI6kka7au8OExDf3WqJQeEFwxTmSDdmgbNGlo9ZNrur4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83707a2e2e9f58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bd7f22a130c14b18b7d2a891650def15&expiration=1705421856
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 840E 43 B
229 B 43ms
37ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZX8fH.fbsVhOf3aYSGRgMgAA%263257
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:35 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 30885
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 83707a26fbf544f2-TXL
content-length: 43
expires: Mon, 18 Dec 2023 16:17:35 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 786F 0
71 B 55ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 17 Dec 2023 16:17:35 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 555(5).jpg
s.isanook.com/fi/0/fp/393/1967865/ 10 KB
10 KB 42ms
42ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967865/555(5).jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

82dc0cf2539744d6ee76d6cfd5266e4af310d1975d077b75a83f347a62a2fd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:56:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 211
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 13469095889741276204
accept-ranges: bytes
content-length: 9797
expires: Tue, 16 Jan 2024 13:56:38 GMT

GET
H2 200 4.jpg
s.isanook.com/fi/0/fp/393/1967661/ 11 KB
11 KB 40ms
39ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967661/4.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e73d45691c36b007c87cd1ed1ce56852d6def5a303e08d3726493b559ac60c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:32:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 10397630175368292036
accept-ranges: bytes
content-length: 11414
expires: Tue, 16 Jan 2024 13:32:21 GMT

GET
H2 200 5.jpg
s.isanook.com/fi/0/fp/393/1967705/ 8 KB
8 KB 40ms
40ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967705/5.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

19af4f5fbc141187502a7ee6f820c37f4b2042673098ca75c31b639270933c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:40:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 13339403327847929006
accept-ranges: bytes
content-length: 7841
expires: Tue, 16 Jan 2024 05:40:54 GMT

GET
H2 200 6.jpg
s.isanook.com/fi/0/fp/393/1967665/ 10 KB
10 KB 42ms
42ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967665/6.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

089add41671da8e37147f26f66a4ade54751cd9eb4a0aea25b821344dac7b2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 03:52:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 962
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 6977623432058908903
accept-ranges: bytes
content-length: 10152
expires: Tue, 16 Jan 2024 03:52:11 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1967777/ 12 KB
12 KB 41ms
39ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967777/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

22b15a8eda7a0fef1474ebffb78ba7ebb95e719e78ae398d30468280a8c6302b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 11:22:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 1225
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 6918494953336323577
accept-ranges: bytes
content-length: 12244
expires: Tue, 16 Jan 2024 11:22:02 GMT

GET
H2 200 taglinetemplate-update-april2.jpg
s.isanook.com/fi/0/fp/393/1967741/ 8 KB
9 KB 41ms
39ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967741/taglinetemplate-update-april2.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

315aacfcbe0d3b9427874fdd795d5d2a2362c5be99b700588afaac8a6f5616ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:08:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 450
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 16958379252025612332
accept-ranges: bytes
content-length: 8640
expires: Tue, 16 Jan 2024 08:08:42 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1967725/ 7 KB
7 KB 40ms
38ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967725/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

55076a48d8ee9b9e6f2fe30a927937d8177aec82b5b1bb404624b62d632b3d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:21:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 15095177326899808692
accept-ranges: bytes
content-length: 7377
expires: Tue, 16 Jan 2024 07:21:07 GMT

GET
H2 200 6-floors.jpg
s.isanook.com/fi/0/fp/393/1967709/ 11 KB
11 KB 41ms
39ms Image
image/jpg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/393/1967709/6-floors.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

47d18e030c178951d361a1438e2ebb89aabe78983d2f6bd6457eb2b3e4de8cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:02:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/jpg
cache-control: max-age=2592000
x-nws-log-uuid: 8800644221561222809
accept-ranges: bytes
content-length: 11488
expires: Tue, 16 Jan 2024 07:02:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6BE 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN8ZTas53mMoepYyJX1wTWgVFcJBfi83LJXeDX5kRpNzqB6qhV0psF5Oy-OdK_oPHijP6HT111O6VpVsXiiWarvxQ6d-C0QjQuCCPfaIpNAQ3ZSJf2S7dxcFZwTbkFV7UpDsxujmjPpOwZZuyZ-mUg7v_lV-att-o0erDjMYYaajovGNwvynYbUM-x-Pa46l3BTMQDlpmW9P2VlbkBOx2UFTq7DurjJo8WIuMZEVegSIDaIrhox1dTB3YIrvSlccCX3SbY39fPYIK9odBwIZs0gF2hBJ7gk4OUlc7eh5hy1icun04tGbPiVrK95CzYVENRmoJ65GTZzWi5d8zA-ufx3aA3rQdf&sai=AMfl-YQI1pGxB79JN6Mr3_pUsYymTFp9QNivJxBZFtMGHUdm59X-BHlXKIvlJXDJd_6xRl20UCOwCEETg8nLVFvD_9bOilm9USYOKjdbp3kVaNoEAMwHzgBUT0TLjovFDLg&sig=Cg0ArKJSzK8fz2hRPMhXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E6BE 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 23:00:17 GMT

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 169 B
397 B 284ms
185ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 119172b9fea1ffe0901557e8bab5822cc645824d7033fd0f2393e7ba592a9cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"a9-+I+UFg1TYO1Qim2Oad/HWmMbRHY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 83707a28bc9d9b94-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 139ms
49ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:28 GMT
content-encoding: gzip
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 9
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ZJ6jSIZpod4vKlnLVFIvxT5tdptOoxXxbCUdbnh9tsRC-n20SJWDzQ==

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 133ms
40ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 1285
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6BE 203 KB
64 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E1E0 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 16:17:37 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 61ms
61ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.2995124679508887

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AzNzJZsZY3NnrcblD6ATyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-AzNzJZsZY3NnrcblD6ATyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 56ms
56ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.38059166378299

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-qTeBelqkS8WUXDnI4kr6wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-qTeBelqkS8WUXDnI4kr6wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE0A 42 B
174 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1SlWMAGko-bKBd2J6Z4B2YhsiyBoAXIgEBqesFzyd5jRxs3868dzWbtXgTiu3GxaRtZKKYED0Yv1KoknwO7WQELSb_dVAATDUg18bUqNLrJgyqQBLTKqQnmArZpgL6p7UplVgZBdtcIwnov_i2uf8GA&sig=Cg0ArKJSzDMOQsQEuv_lEAE&id=lidar2&mcvt=1355&p=-20,225,70,1375&mtos=1090,1291,1355,1355,1355&tos=1090,201,64,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3448326100&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702829855381&rpt=241&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BB95 0
593 B 49ms
48ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
an-x-request-uuid: 76af695d-0279-43a1-ace1-3e85c416b012
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E22F 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:35 GMT
expires: Mon, 16 Dec 2024 16:17:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
600 B 603ms
202ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=22a2e6d0133f49562eb9578e4afa33e2&cb=1702829857007&douid=&sess=113530628.225.1702829857007&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:37 GMT
Last-Modified: Sun, 17 Dec 2023 16:17:37 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
471 B 638ms
206ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=22a2e6d0133f49562eb9578e4afa33e2&type=cookie&itmcb=1702829857008
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:37 GMT
Last-Modified: Sun, 17 Dec 2023 16:17:37 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK d
dc.sanook.com/sanookStat/userActBinary/ 0
130 B 2361ms
748ms Image
text/plain 61.91.93.45
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=1082475942&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1495663451.1702829854&_u=AAAAAEABC~&cid=984302906.1702829854&tid=DC-8147095-6&z=1067200147
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 61.91.93.45 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-93-45.static.asianet.co.th
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 17 Dec 2023 16:17:38 GMT
X-Powered-By: ARR/3.0
Content-Length: 0

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
376 B 241ms
241ms Image
image/gif 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=1082475942&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1754712289.1702829857&tid=SA-8147095-6&cd4=0&cd8=b&z=1596171970
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 17 Dec 2023 16:17:37 GMT
Server: nginx
ETag: "5791d98d-23"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cd6cddc5-4dca-4d77-9a65-8b894400e772 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 132ms
42ms Script
application/javascript 108.157.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-57.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:49:31 GMT
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
age: 1686
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 45YE-a10jciT-0SrXgPlOX-5j-14YA1qBcrmdinIzvhZM05HX06vmg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 41ms
40ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 11:19:51 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 17865
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2196
x-amz-cf-id: TH_p-u51gpWAYPR9zb5CkaRHrCGo06iiyLp6vBCRLavWEgusFSioTg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 122ms
40ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 01:45:56 GMT
x-amz-cf-pop: FRA56-P6
age: 52403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: VuqRwMk-_GdAilK2ebfI6CWi633xQynT_jO_E7SyScvs0gOZ9D58_A==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A87 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:37:14 GMT
expires: Mon, 16 Dec 2024 15:37:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA30 829 B
560 B 50ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38e86daa57bc126c19f0ff7684da4c1bf2039c6a17e19d5521892e300e6bb0d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gNPfUfFZsXxTqkCNNPNyMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gNPfUfFZsXxTqkCNNPNyMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:37 GMT
expires: Sun, 17 Dec 2023 16:17:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 132ms
51ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YJheoyD0IUMSqf9nVKlOxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-YJheoyD0IUMSqf9nVKlOxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C208 155 KB
52 KB 182ms
96ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8fHwAKLN4K4DSBAAH7eiqlmVHdpv92zr7wNQ&u=%7CAOMSsgxnrhoxe%2Fdo%2B2Www1FdEj0iDE4xfuNcNHlIC7M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_RLVULd6ykJCxappyJEwNkY-6BQ_MCHfczAvT9ijL5vzKE5EhzHqCnrjjRoGjrOh7qGDEaHNmgecqMMmK8QS1yui-N6hgwUwf6cfqHnWpt4FglC4L-6d7eBcKWR7LaL4ZfKvw5qjmPP3KZs1O2FQkFO7H0i9U9dxPWZgSsZUierq5Q31p0NPhliGjPUBkNvmVH99Am-QJagTSTMD7BCf0GWq5OCvEvroaADr2Ed4uXGn0-x4s0gysmtlg2zEESR7_EaXCm9ggML7pkdDJ6N1e4HxTAFb9tx1T6RuPOkLqe-k-seMvDOe5rKBbdAqQRKyF_Jy1xs6bydHdFZKBWnGAouw62g1ungmGgXm0osMUoMk3ycDC8Jigh3Pqs-mURvVG0eRRE1_04Bm3QBg404GCvlGwmA1eWHY2d43tNLgIQS1znQv-SVjY29nq8n7qC-XP1CF6My3Ls2UaF1Jt2UjON16i__Xj8suTeQqMx0m5e5vAdb2bPY-f4ZZwX5PgQUZD1wtquIjR0vVU69NZi930vQqMNhtok6GQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-OcHx9_Zd7ZKIHpgAf69oeYBsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEtwJP0GdPek5U78qzkTrZIsrTxUE6amtoum9lgkM-WwWLzxCFB3gjK-Ll10tk81dj6GKkK5I-_dD-ZmJy4fXE5C48zS6pgmsXZnnADhv0WQFAKx4bIWuRWXuSP7GpgTrN__H9iCL6c2TH0_VORQh7zIZ2TeDgJwbV8d7BVcGOD5gjiD8qUmZSJ9xTz3lvhf1maPQUzrxkt4snqJgWClcteg-dmcd-rEUR1vbLXnq55qFGP1Cvjs-aOMhahIVWhV1QpSU_0gcsarYNM0QQinOm91KexN9T7MDBNRN0A2hA6o6fJQYlD_JyvRyGdJORpKbKyDKsaVvscUie_-gEKVBs3fQEAQbStg24YK7o_2YEcO97vur6YWjMvNJvrV8T6MrUrOhT1PuAODt4fcCjzyND5d9ZtRJqKSipmeAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOli0gKLF75aDA_oLAggBgAwB4g0TCPayosXvloMDFYE04AodevsBY9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0p-Jp9okoTNmvk3zpVuuplZo31Gg%26client%3Dca-pub-6167238712729032%26adurl%3D

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a1b52d877ef6d6eacf3a6b7270f92ba09ec4a253238decd6d239582c104ce99d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GJbahs3MQlsvEFMTZQuLJaVS7ZcoBNUYBFI05Rk8hXhHYsM0Q0D5QIvsqqEy9q846QndF8C69-SNsDTPPWtXoWUiCJHAbAhB_hqR6rQBJmYCfT9RIDeyaQoxnUISARWNLFTN5VvMnJGFGiEj2psVCVescZmW5n6FBLMWD03FqMMt6BzFJ4S7OZGb--UGxPLxqTUtlBPSCXrAsBwpdVE44i-5F6O7_AnNTrx772AUdFUyZKOTMJwm9MxdqTLWgPstXLMCZw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 50685551
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E22F 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 08:14:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E22F 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E22F 0
0 50ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRWqIDK0mhqvdG2sLM-xxk1TxCTIl-bxqHuTMR9N6wNtrSxH0NZGV31SemnkIURQVIA6mZ
Requested by: Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E22F 24 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E22F 203 KB
64 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 16:17:37 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 139ms
42ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 17 Dec 2023 16:32:37 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 47ms
46ms Script
text/javascript 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:52:33 GMT
content-encoding: gzip
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 51905
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: gRRCHBf2axOfvS4F2HwwBICSpynjG3kmmzcs-hx-ELj4UqVGXXhHaQ==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 144ms
51ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 2523
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83707a2f5f3d929b-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 52ms
51ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: V2D9XB0XB3MM1KEZ
age: 3289
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83707a2ecf9a2c25-FRA
x-amz-id-2: QTZuy3bTvATH36yOIaPePZ5jKiWZkjKFZoTe9u6nYiUx98/jHeBML4suwUbj8Uf1dzWdMS/LrVM=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6BE 0
0 78ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4PLBif3S_qnALwwZTzlqYG3FkDIVDW4pAxH_SiKv-YuDEkf-SGSI-LRsnOm8bPFkJtMf2r6ttIbPbb5sv4Xxv8-BiQz82uqQ4KbQra3K0KxVw7M_P9Cr5RV4LOOlTamca7lXr_VL8W0-tmyqJkRo8QImi5nTBDMwJ_xadaS7SkoNagmRF_UwWYUXDhxfsaRo2pxBrxJVnU9YyLeWEqIRrhijfnLbH40gNhrqMEqvI0D5pBEKKFg1iiODN-aIMCziLTI974BW8L8E-61zWFUFQxUDwkyOclRVwKsLIqAt6WrI2vZ4EfWFkwZbHl3J2NkmrGHU1qYIR57RGNovwxo8hkceTYZe1bWs&sai=AMfl-YQymzlLbH7eJLefJlp7W3FCLTaPhmkz30SelUXPKQosBNK8au1LYwQ7Mj_xEgqAccevX0T39JHfoBo9-jo808rUaUcmRbRwyu6OuM3jDHBqEd4pYlXfuSOL-nnGQnA&sig=Cg0ArKJSzI3KVrykBZ4FEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Dec 2023 16:17:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA30 0
0 153ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2589693463768830&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A87 39 KB
15 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 08:14:44 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 54ms
54ms XHR
application/json 34.251.84.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.84.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-84-60.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 011bd378ed94b3eeadc34a4dea27aa582ad03a795e6030822765a6378c251215

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.29.105
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
DATA 200
OK truncated
/ Frame E22F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2009f6613a06a02b52183f9d9cb7a09960b3f2435b4a5c42e9a2e24d09e9e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebid-custom-richaudience.js Show response
rtbpass.andbeyond.media/ 602 KB
187 KB 436ms
44ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: 7NHVYZN9NCF403ZZ
age: 20
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 190838
x-amz-id-2: UfCcI56gBSN4teUO6GKmqn6aq5G0miMFDyVXyMc6VIM/irBL4dEv8hX9cGuK2u32k6nT66ZYtQc+lgnrTvcUaw==
x-served-by: cache-fra-etou8220077-FRA
last-modified: Thu, 14 Sep 2023 12:35:17 GMT
server: AmazonS3
x-timer: S1702829858.586482,VS0,VE2
etag: "5557f783869e27322374ad505b755076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E22F 0
0 81ms
81ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9R5IHx9_Zd7ZKIHpgAf69oeYBsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEtAJP0GdPek5U78qzkTrZIsrTxUE6amtoum9lgkM-WwWLzxCFB3gjK-Ll10tk81dj6GKkK5I-_dD-ZmJy4fXE5C48zS6pgmsXZnnADhv0WQFAKx4bIWuRWXuSP7GpgTrN__H9iCL6c2TH0_VORQh7zIZ2TeDgJwbV8d7BVcGOD5gjiD8qUmZSJ9xTz3lvhf1maPQUzrxkt4snqJgWClcteg-dmcd-rEUR1vbLXnq55qFGP1Cvjs-aOMhahIVWhV1QpSU_0gcsarYNM0QQinOm91KexN9T7MDBNRN0A2hA6o6fJQYlD_JyvRyGdJORpKbKyDKsaVvscUie_-gEKVBs3fQEAQbStg24YK7o_2YEcO85vMto4fscgXS_ioWfyCNwos9ZYvGuILnMtf0FPZxdycfBf4ZKwOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOli0gKLF75aDA4AKA_oLAggBgAwB4g0TCPayosXvloMDFYE04AodevsBY9AVAYAXAbIXHAoaEhRwdWItNjE2NzIzODcxMjcyOTAzMhj3gRA&sigh=gQkq7fE78X0&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_vE7ckWRqAHEZtRqJBCWZ4vu7PvAu9Wn37JC4Wpcts0gqbtZWvkbAr6gV6buOHQ76opl1PqWR1-6JYo5dNlSiQrwj3Tb5J4ncAxgB&cbvp=2&vis=1
Requested by: Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame E22F 0
126 B 129ms
43ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVEMc1rAL6AZ2DYgICAAAAWMDbM_0RL8RD1nKCsj9N8RAfH39lX15iCIkcuASTaQAAEgAACgpBUVVCQVFFQkFR&wp=ZX8fHwAKLN4K4DSBAAH7eiqlmVHdpv92zr7wNQ&cbvp=2

Requested by

Host: f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153568
server: Kestrel
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 128ms
42ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 17 Dec 2023 16:17:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 211868
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 42ms
42ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 230482
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
414 B 103ms
103ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
316 B 182ms
56ms XHR
application/json 54.220.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.21.86
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
420 B 56ms
56ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 61853e3e3d0d99b5a7b68d6a0a2f8fee6379a72d66ceb2e9780be47c497c145e

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 16 Jan 2024 16:17:37 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 95 B
286 B 143ms
143ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33247e83dec1323d2ae9bc98565c27e5cef5f88de426ff218733bf8f7eeb05e

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 83707a32aee065a9-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 475ms
381ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83707a304b9c65a9-FRA
content-length: 0
content-type: application/json
date: Sun, 17 Dec 2023 16:17:37 GMT
debug: OPTIONS block
expires: Mon, 16 Dec 2024 16:17:37 GMT
server: cloudflare

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C208 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8fHwAKLN4K4DSBAAH7eiqlmVHdpv92zr7wNQ&u=%7CAOMSsgxnrhoxe%2Fdo%2B2Www1FdEj0iDE4xfuNcNHlIC7M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_RLVULd6ykJCxappyJEwNkY-6BQ_MCHfczAvT9ijL5vzKE5EhzHqCnrjjRoGjrOh7qGDEaHNmgecqMMmK8QS1yui-N6hgwUwf6cfqHnWpt4FglC4L-6d7eBcKWR7LaL4ZfKvw5qjmPP3KZs1O2FQkFO7H0i9U9dxPWZgSsZUierq5Q31p0NPhliGjPUBkNvmVH99Am-QJagTSTMD7BCf0GWq5OCvEvroaADr2Ed4uXGn0-x4s0gysmtlg2zEESR7_EaXCm9ggML7pkdDJ6N1e4HxTAFb9tx1T6RuPOkLqe-k-seMvDOe5rKBbdAqQRKyF_Jy1xs6bydHdFZKBWnGAouw62g1ungmGgXm0osMUoMk3ycDC8Jigh3Pqs-mURvVG0eRRE1_04Bm3QBg404GCvlGwmA1eWHY2d43tNLgIQS1znQv-SVjY29nq8n7qC-XP1CF6My3Ls2UaF1Jt2UjON16i__Xj8suTeQqMx0m5e5vAdb2bPY-f4ZZwX5PgQUZD1wtquIjR0vVU69NZi930vQqMNhtok6GQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-OcHx9_Zd7ZKIHpgAf69oeYBsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEtwJP0GdPek5U78qzkTrZIsrTxUE6amtoum9lgkM-WwWLzxCFB3gjK-Ll10tk81dj6GKkK5I-_dD-ZmJy4fXE5C48zS6pgmsXZnnADhv0WQFAKx4bIWuRWXuSP7GpgTrN__H9iCL6c2TH0_VORQh7zIZ2TeDgJwbV8d7BVcGOD5gjiD8qUmZSJ9xTz3lvhf1maPQUzrxkt4snqJgWClcteg-dmcd-rEUR1vbLXnq55qFGP1Cvjs-aOMhahIVWhV1QpSU_0gcsarYNM0QQinOm91KexN9T7MDBNRN0A2hA6o6fJQYlD_JyvRyGdJORpKbKyDKsaVvscUie_-gEKVBs3fQEAQbStg24YK7o_2YEcO97vur6YWjMvNJvrV8T6MrUrOhT1PuAODt4fcCjzyND5d9ZtRJqKSipmeAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOli0gKLF75aDA_oLAggBgAwB4g0TCPayosXvloMDFYE04AodevsBY9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0p-Jp9okoTNmvk3zpVuuplZo31Gg%26client%3Dca-pub-6167238712729032%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C208 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C208 308 B
636 B 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C208 293 B
621 B 42ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C208 43 B
348 B 126ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=U0fSLInIsWVZ8cvIipgUU9wqMAQgyHkOjHsllRJMD8bWubuxtR4TiT39OPELt9xfoxxVCdrPdwqHfAd1TrlHcjSZFAU7xGnoX9_zI69gQgb6vbQ7EL9KuqjS30NDsl63qlig91nSa5_Yv2n9qkBMHutXwRT8XkKk9qMEjCAFlz6Ck_g8IEGWh29DgM5Gy5P0sOfyxuFIthlppO6NNpx4sI-7aGrNN0LcM0kJwoCDV3dmqQNh4x_wUnhTlPJpqNfaYvX7pOkwcL8ORGzZY6hcEfjeV4mfB2p6WLyvZKGqrPbnHVq7_EEbb7avVbFT8NVKfXFiGGCWwItmioFO2b5uJ6uxKLas3gFAdk_75fIERjDIQ4Pn3JFr3XK_PH7ftcWucASE7jk6_j0qrd3t5YGmv3KCDyt4D-gjdu-wcHNuIj7rTWki

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2782142
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame C208 60 B
60 B 200ms
54ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=657f1f202f21020dee457572e71582aa

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 16:17:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 17 Dez 2023 04:17:37 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1051
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C208 12 KB
5 KB 198ms
114ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1588597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS4ypGHF9CYS3QRxu2ZjZWrXcIB%2F6MtJcccpb4kYv0EmBWao7p7BGStBoApWBntAfvqm1cHi8yStXLWXb9ogHKjEPwVoNarNEGoQwulcJZzk8XKxBYwARSzxF9h7HKv5e4fkdtHNxR3uVqlGqJChf8v%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83707a312e9c5c80-FRA
expires: Fri, 06 Dec 2024 16:17:37 GMT

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame C208 31 KB
31 KB 167ms
83ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 134ms
40ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

22348b52cda513e7ac773bc5c0d398603f5d4fe25c3da7dd5a9d76fbdef1d94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A87 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xQXkTQ
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 156ms
46ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 157ms
47ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 200ms
91ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C208 12 KB
6 KB 46ms
46ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 11 KB
11 KB 168ms
81ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&rid=4&s=Gdn5MknGv3pijidEoEQ3S0nP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fc6eb13198c4d3141d5a302a50f3e3b6e69bff1099894f7f435161579a72571a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11288
expires: Mon, 25 Nov 2024 01:23:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 151 KB
152 KB 266ms
179ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F5070249%2Facc3465e96164c07b59f5b0b3197da90_img_square_1.jpg&v=3&w=1200&rid=4&s=C2s2nfPOmi3564Ojab9139I9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a4fad4d5bbb0b37c8e70506190bf6175db58cd7bdefb8467a98a164aec659a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 155034
expires: Sat, 09 Nov 2024 13:48:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 3 KB
3 KB 130ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F8%2F100149219412000_0_1692949697318.jpg&v=3&w=400&rid=4&s=_i-8d3oA8EELjv_rUbFy7xAF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

843802a49830a0fe9ee5d87b7673d7a96da9e1ee0dc9b37193ad5700a46f3053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 3048
expires: Thu, 14 Mar 2024 14:18:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 5 KB
5 KB 210ms
123ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F8%2F100149079619700_0_1690879643083.jpg&v=3&w=400&rid=4&s=9HvFQ_t0chQWfh_Ef3vN5mdz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d3226726ef9f4598163b90ebcf90d8f2c46ab90b98dffa28e225936b2f78e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 5018
expires: Tue, 05 Mar 2024 18:48:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 25 KB
26 KB 187ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F3%2F100148502213000_0_1679315457506.jpg&v=3&w=400&rid=4&s=0pGZOXHGOLxa0G5wLasBjBXQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2763482440a152dd8ccdfe3ad27596195ee63d1a3f71dd6acc5d1429a69d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 25946
expires: Thu, 15 Feb 2024 08:02:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 4 KB
4 KB 214ms
127ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100146762513000_0_1695376804612.jpg&v=3&w=400&rid=4&s=MXzoUT5CC4Tjt45_9hqzjFPF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e4f265ae25001b6e13f02de58ebb919cf06cb9d0188a7ff379f785a490df70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 3620
expires: Sat, 02 Mar 2024 14:04:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 16 KB
16 KB 180ms
178ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F5%2F100147643618700_0_1684323002255.jpg&v=3&w=400&rid=4&s=fU8V2w5vpHa4qnY82n5f7Gj7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1cab0830755212e1cbd2dbdff3573009cfa1247def9382562c1380265bcd580d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 16146
expires: Tue, 27 Feb 2024 10:36:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C208 6 KB
6 KB 226ms
224ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100156589513000_0_1696585543160.jpg&v=3&w=400&rid=4&s=Xm3oL0Ky_oPlKMSAKfekxqGT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9fb83535f71541a1446c206bad8564a40ffe2aa64a08a2e32fce971f4086ee49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 5916
expires: Wed, 13 Mar 2024 12:22:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C208 0
128 B 128ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=GJbahs3MQlsvEFMTZQuLJaVS7ZcoBNUYBFI05Rk8hXhHYsM0Q0D5QIvsqqEy9q846QndF8C69-SNsDTPPWtXoWUiCJHAbAhB_hqR6rQBJmYCfT9RIDeyaQoxnUISARWNLFTN5VvMnJGFGiEj2psVCVescZmW5n6FBLMWD03FqMMt6BzFJ4S7OZGb--UGxPLxqTUtlBPSCXrAsBwpdVE44i-5F6O7_AnNTrx772AUdFUyZKOTMJwm9MxdqTLWgPstXLMCZw&sds=2&rev=89791&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C208 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C208 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:17:37 GMT

POST
H2 200 617.json Show response
id5-sync.com/g/v2/ 251 B
531 B 183ms
104ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

7cbf36783315bdadefb9f09016f8d78c14c0ee5a1fc85fe1539470c8d59a9e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 46ms
46ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 47ms
47ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 eyewondermanagement..pj Show response
fundingchoicesmessages.google.com/f/AGSKWxVd_Oyu275kTyX8LUMCx5CYiEs7hX6q6IDaD-zlIUV8dlFHhAqEWFAMsu5CUgVqhXOOdHCxKIreqHMNk1y65U9F4k7v8D0Po5TFeTkKgIUNGB_FmVSU6MjsPq2_qtxBDVnOuD8floldNMqNiofiLtcArIPco... 54 B
109 B 54ms
54ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVd_Oyu275kTyX8LUMCx5CYiEs7hX6q6IDaD-zlIUV8dlFHhAqEWFAMsu5CUgVqhXOOdHCxKIreqHMNk1y65U9F4k7v8D0Po5TFeTkKgIUNGB_FmVSU6MjsPq2_qtxBDVnOuD8floldNMqNiofiLtcArIPcof-5ponPkLs2WcqwvA-X_BquCgfUop0x/_/assets/ads-/rcolads2./eyewondermanagement..pj?adv=/adsyndication.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99da398e1c93e073e347e46332696897b6c159b05946eb09f36d77d07185d3ca

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qh7h_uXkpf85Xuzac0dfGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qh7h_uXkpf85Xuzac0dfGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24502
x-xss-protection: 0
server: cafe
etag: 8172479049841164170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 17:14:32 GMT

POST
H3 204 AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
51ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UWTNnBMkWeRm9-h3MaIByw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UWTNnBMkWeRm9-h3MaIByw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
49ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yaIgtEH9QGzUnHXcUARQOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-yaIgtEH9QGzUnHXcUARQOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sFEKH6HxNH3s6761iJsbCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-sFEKH6HxNH3s6761iJsbCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcIOyxDK2BJvehq8-sgX9x76ABvKuwk3IUibo6jZkC1MiFNR61A-KiBDpQFw2Wxzoya5xQyxZ64srHvoRAgym730eW1rsuxs68ny0EQT0WogWCdJPcTmF0MRfdM3viQNyUypMc2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k0J9_WizubuiAUpdxM96eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-k0J9_WizubuiAUpdxM96eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWyzxK7BjdbVFXasveCEZExqcPCttZc3X_lIF6La5-ltbzW_1nw4AEg0q8YDOiHi0MW6K_7evxFBBO-Vvg9UsU_Wpi8GruD47mCFR1aEUQSzaxwCKn5HZtRxrlE9WXdErHPu2wNiQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWyzxK7BjdbVFXasveCEZExqcPCttZc3X_lIF6La5-ltbzW_1nw4AEg0q8YDOiHi0MW6K_7evxFBBO-Vvg9UsU_Wpi8GruD47mCFR1aEUQSzaxwCKn5HZtRxrlE9WXdErHPu2wNiQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODI5ODU3LDc0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2849ea9beb74dcdbab8516e65304713e353e2c98ac578f53659e54a37ac7bb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s4ZQQ07KlfDvepYzkehEaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s4ZQQ07KlfDvepYzkehEaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 155ms
42ms XHR
text/html 2600:9000:2315:d800:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:d800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Sun, 17 Dec 2023 04:06:52 GMT
via: 1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 49633
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: dGoaS1YqDvVq0pmzPivdCbEKKA1IOzwHWgJKdPVb8RGxCujDZx1uiA==

POST
H3 204 AGSKWxVMdtyoQuyKWauuq9TP2Y4f3W11Y6olHLGhbUbZsf8mifbC0g6u6h89J9VFD1D79NyQ8d0BqIv_i5K8KwZYT9xAungiCbqvqUnu9E1P5hy5Md5iEMqDWKTSGfuTYvxTle1VzcrIiQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVMdtyoQuyKWauuq9TP2Y4f3W11Y6olHLGhbUbZsf8mifbC0g6u6h89J9VFD1D79NyQ8d0BqIv_i5K8KwZYT9xAungiCbqvqUnu9E1P5hy5Md5iEMqDWKTSGfuTYvxTle1VzcrIiQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kq9ryvE-51pb7PgGuM3ZVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Dec 2023 16:17:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-kq9ryvE-51pb7PgGuM3ZVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 632 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 581ms
396ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551cb67908b5910e5386a7d01f0ff77835bf7c582e9fcc7319d16d79a8713779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:38 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sun, 17 Dec 2023 16:12:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 83707a34c9ac1e57-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1E0 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2589693463768830&bg=!2dql2pXNAAY3kmNgF5I7ADQBe5WfOLZmZygsEiZ0cV7fNXY0dGoMaR-WaHGqGozBn4gZf2z6QsZvkdewNd09LYq7ReUjAgAAADVSAAAAAmgBB5kDDMR6J0mbULmx4yxWCkd9bQ__MLFAhWCmn9tMImryPOsopbNZN7Uv9fzprY2QYs9Dyz3vsOBrRonjCgJbw6i4BV2wc639q8JqNZ5WAaHhdmc1F6i1cEPudv2YBg3vzfha8R6zF6_o3bfMSdMTfbhrgNCZxttAZnZsq3zc0g4HsUXJ4lOyajRUycNizXI6KAc7-YW9HbGT85-jhKHKmXuD3G5D4F2Uxmg-s2Y7m8YlJ59VNEOk9SGSPDHjZb8TCb0Ms3DwwjF18O5pVDvWfJ36_roW3hdRS9NoifS4i6fAj1zzjiApQIhRg3nlzQJmegeZlswwfIGoTJrFYijgcVVMVh6fuvOwBLjakBMx9aN62B4em8dQTtYrW3uqsSp9Uui0mHwow2dgAy-TKXloua1HYx-kZhz1T25exmLdGUO1Vo61p27ZKMTyrMIIfXzSHbKDeitG_uwQTWDEuzN8KRshjtBx2gpYsEwJ6U9bIyeSoiEauvdixYkTmctk1I8h_z6G1e7SEI9MPfv87DGevAN6wOUVuyBs1F8CoP0bSrECdQ779ChyDLem2LgIVi-EkWfrkK5oHjRqnig7qp6Fw82NNwalglVstfaqRevMZ4lZjuTvM9mOeRCPx-WQPg0eX_KcSrEjVph5taL9UBVtcEVaGny1AML7a2JW_hUjYJwyIK0Vw8SggD1G_UkTL-gU8h66bWUs3YVEQSGcLnHczBHCmCBaLVDJHUfEmMnEYmZA5T5g-u7bATvwj1ROvE9qm2TNeJwmcwnYhqnVio8KzCDLP7lgjLfj0yNH8pgUheYuARSAn0TglBQfixgigJ_uF9iahT9LRoHwrgOC_1Ww5d-6DI3RYwfrfjNtwu2G_PxxLoLrBnM9zZ7ZU5pkTeZAJAcgdBb87S47rLSTrP21D9FQgPU6ptXz4qLXJDHZxYxUOvBT62oUZbaFzJHrLaF_toHEMN2yeQFQpMd7Yds5m8uHXcs_zIvJNsPEW1uNN0GpRmrGBrWgllChNY8oo-s09IU8oSQ13pXft_VdXXDaiA
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 40ms
40ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

0ae2636db175ec850534c29cc10e4c036c423a43a19ae1ea0c25349673975aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E22F 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSVThC1P8aMhQ5Ss55GIZtUOSDDwvw4bmLfT8gBRAsb1TDWmp3Mlvs12ZzVmUegeFwSGgZho8ug0yebxVbL8qvK0DQdhQtS027ZbNT5j8zyNGkrcSE&sig=Cg0ArKJSzLnlOTD5IscUEAE&id=lidar2&mcvt=1000&p=950,1033,1200,1333&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702829857002&rpt=141&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
598 B 40ms
40ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

953c799d711d331eed4c82605c36589a35016404cffcca4f59fdea5b3cc37930

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 17 Dec 2023 16:17:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 all
csm.eu.criteo.net/ Frame C208 0
127 B 43ms
43ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 16:17:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 tgframe.html Show response
cdn.taboola.com/webpush/ Frame 6374 530 B
553 B 44ms
43ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/tgframe.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

abp: 37
accept-ranges: bytes
access-control-allow-origin: *
age: 78
cache-control: private,max-age=14400
content-encoding: gzip
content-length: 290
content-type: text/html
date: Sun, 17 Dec 2023 16:17:39 GMT
etag: "279913f0b9685fbf713832b8a94e8140"
last-modified: Tue, 25 May 2021 10:44:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: rdoyMdNYbPSKwT4MsqESUc+aFY0Pi7f1Pi/FBrLffvWwu6Djf5b5z9/Ykjj/MKZ5ndHdPDJDFR0=
x-amz-replication-status: COMPLETED
x-amz-request-id: Q3X6NBBE61N4HS7V
x-amz-version-id: eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220056-FRA
x-timer: S1702829859.396976,VS0,VE1

GET
H2 200 nr-rum-1.246.1.min.js Show response
js-agent.newrelic.com/ 44 KB
16 KB 130ms
44ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.246.1.min.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding: br
via: 1.1 varnish
date: Sun, 17 Dec 2023 16:17:39 GMT
strict-transport-security: max-age=300
x-amz-request-id: DFZWV2Z0W8SVTMQ4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15673
x-amz-id-2: Y1o02ngYS9GSyYMTnZfNaLkZYF2Ng5U3OSMDbFJSoDOKwl98j5i58Sjtuv4hjeJbfl3Ks/nLW3I=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 31 Oct 2023 15:33:55 GMT
server: AmazonS3
x-timer: S1702829859.480496,VS0,VE1
etag: "04fdba12d14ecd22e6ac743bca4e0072"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
95ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

504c0ac9eaa05ffc0fa1357b18b751e7adad81096bd420bf5533e87604fb2214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12360
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 16:17:39 GMT

POST
H/1.1 200
OK 8f062114d3 Show response
bam.nr-data.net/1/ 40 B
463 B 900ms
725ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=8043&ck=0&s=0&ref=https://www.sanook.com/&be=1504&fe=6398&dc=1248&perf=%7B%22timing%22:%7B%22of%22:1702829851473,%22n%22:0,%22dn%22:826,%22dne%22:826,%22c%22:826,%22s%22:1045,%22ce%22:1267,%22rq%22:1267,%22rp%22:1504,%22rpe%22:1942,%22di%22:1950,%22ds%22:2750,%22de%22:2752,%22dc%22:7900,%22l%22:7901,%22le%22:7902%7D,%22navigation%22:%7B%7D%7D&fp=2365&fcp=2365
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 17 Dec 2023 16:17:40 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 83707a3f2ebc4534-TXL
Content-Length: 40

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 62BF 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:37:14 GMT
expires: Mon, 16 Dec 2024 15:37:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8229 829 B
561 B 49ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ac27ef15d7500c039ef3d5ffb8a561719095bd122df2df51ea5b1366a85e947

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kmbZdgP1946VF9JSpZR-Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kmbZdgP1946VF9JSpZR-Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:17:39 GMT
expires: Sun, 17 Dec 2023 16:17:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 62BF 39 KB
15 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 08:14:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8229 0
0 73ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3803259911129503&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 62BF 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fKLqfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:17:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3803259911129503&bg=!GBulG1TNAAY3kmNgF5I7ADQBe5WfOLVq5dtbxqiznLDRcTO5IV12pKRZv1HqoqPvZveRdx_pBdccNu-ZUDvBQh3pjnz9AgAAADtSAAAAAmgBB5kC3UZ8QUgMfwHqtTwCyA2S5DujyI2BxaAd9urJFwzM_Xvo3r3tatjknLikrdwBLCh4pdeeg0mmsJxRiKFoY5HAMKmk87Vmw8YXuwxMDyankjkrdWkikzfJYnIlygw7xqaMqH5KEEHZJNiGy94XJWETJoMWkMR8YlhYpQV_pgO94fE8Sgkn_KKgalpREut4EtsBYSINESLofuQoq3qRM10-dVwgry5sU3dMMWY_Pi7ooZQwukXUcNWJI-HJVDSZoz5P7EJFmvIfkt0RtKRLWBQ2mkMknUv-k15ORAPyAUykHRAb-h9zUjWxJ8ztzh4ry7SxQg-Ml8M6o4j-a8q8n4ChyEtDK1bFvhmC4QaSRDPgh9S_CWJwjuSiBaDtZnleePPWEwmAQ3QTHfuGiYK1KxWmy6UVdQgbsmQ3d6tw7B146tFrPdqYCsW449bU9X3mkIJODjNPAZg343BcndBA4mLFS9cTLTz-oMDOf5PMsHwpkwQERpdPhRmK-9RFOP0lsuZAy1DufXm2BQHzt5v6bKG5XIumMDTZhbZsGyEoD9bEoHcuoimOemvnJ_-T3NGuIU32ysNcjoevOV-RbCTBljLDuwNeoEuE52dCyDT1CoSRMfqdsyZArh7ZfVyCKOAM11RRoVrakfUn5cQRZIEOxeALYddu5SwbmoFh4FZQqyFWzZ25mh2_yo8aBJT9HzWb3k_8hsPNrODUFsKGFDeeUF-ShEhGyaJNpK7wZrYJvDipEoi7MFn1kdXo_iE2FdpT8A7GIMpaWWW9DUlpTYY270tbCR4fzDLHzKoGssRcXKUIDUJPf5DkxHj7gmZK_CwXElQaHnqZ_GigF2xYGRTh9MJmRw77mbMw-L1I3SxPvoB5warDUmTZ_0Iqk1srm36hcAslodE_dAcTHJQREMeM2nOwMawSciqWyTKjzPaxzy3bpr-TRfHZdGHVQD3Lc-IITVKG4f6U9I7A_hFCvszPvoM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
225 B 848ms
274ms Ping
image/gif 2404:6800:4003:c1c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lq9oxj9m&ctx=0&met.9=1.2ga~2.2pz&met.3=112.4u1_1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 16:17:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p3.isanook.com
URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

871 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sanook.com/	1970-01-20 19:10:05	Name: _gcl_au Value: 1.1.1128908288.1702829853
.sanook.com/	1970-01-20 19:10:05	Name: _fbp Value: fb.1.1702829853538.1801410464
.sanook.com/	1970-01-21 02:36:29	Name: _ga_M0RYDTKBFK Value: GS1.1.1702829853.1.0.1702829853.60.0.0
.sanook.com/	1970-01-21 01:46:05	Name: _ht_v Value: 1702829853.6943902680
.sanook.com/	1970-01-20 17:00:31	Name: _ht_s Value: 1702829853.2
.sanook.com/	1970-01-21 02:36:29	Name: _ga Value: GA1.2.984302906.1702829854
.sanook.com/	1970-01-20 17:01:56	Name: _gid Value: GA1.2.1495663451.1702829854
.sanook.com/	1970-01-20 17:00:29	Name: _gat_UA-8147095-6 Value: 1
.doubleclick.net/	1970-01-21 02:22:05	Name: IDE Value: AHWqTUmQzxPQTnREFgDMxq8ocNK2CJadOGBc5dCOT-S1BMkvGvLBNaAI-A4ZmuiW
.sanook.com/	1970-01-21 01:46:05	Name: sa_optout Value: 2
.sanook.com/	1970-01-21 01:46:05	Name: dc_optout Value: 2
.sanook.com/	1970-01-21 01:46:05	Name: ads_optout Value: 2
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-21 01:46:05	Name: _uid45879 Value: C5081AE1.1
.sanook.com/	1970-01-20 17:00:31	Name: _ctout45879 Value: 1
www.sanook.com/	1969-12-31 23:59:59	Name: verify Value: test
.criteo.com/	1970-01-21 02:22:05	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:22:05	Name: uid Value: 54513527-d653-4efd-94d1-381270332204
www.sanook.com/	1970-01-20 17:43:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sanook.com/	1970-01-21 02:36:29	Name: _ga_17F0RQM2JW Value: GS1.2.1702829854.1.0.1702829854.60.0.0
.sanook.com/	1970-01-21 02:22:05	Name: cto_bundle Value: gD8bZF82VDhuUXlMcjMwWXI5SUt3b3olMkJJMVVweVZhS0h4YiUyRm9QMW5kbDhVMHVXSjYxTGZVSHljYVpjM1hhJTJGVGslMkJod0dOak1zVzhKTFE4RXZVZTdjaUNkSXRuN2NoM25KVEJBbjRiVVFBTzN5aFF5RmRZQ2tEMmdCT3hXVzRUcnZEcjJ3b1ZaNHhNd1d0MnVXeTUzdzgzbVpUdyUzRCUzRA
.www.sanook.com/	1970-01-20 17:01:56	Name: freq.5f73e63e47e7040e00000000 Value: 1
.rubiconproject.com/	1970-01-21 01:46:05	Name: khaos Value: LQ9OXHED-S-EW4L
.rubiconproject.com/	1970-01-21 01:46:05	Name: audit Value: 1\|naVuGyos1qpp9KOlFeLW7gNb0fGVcfL/XWaA1sYWTLHiXIXbtn90wyefGvlwNOKWQ6V1Ny0w888jft+xAT1+NiYbB5SW5XQ3876gXU9t9lMijy0RC4Zd8Ri5j99IjSR+
.sanook.com/	1970-01-20 17:00:29	Name: lotame_domain_check Value: sanook.com
.sanook.com/	1970-01-21 02:22:05	Name: __gads Value: ID=dfcd3b7e2d1d4ec2:T=1702829855:RT=1702829855:S=ALNI_MZRbEcMPsqLEAB8VRbCaf03FqIi7w
.sanook.com/	1970-01-21 02:22:05	Name: __gpi Value: UID=00000d1e132ddd63:T=1702829855:RT=1702829855:S=ALNI_MassMQqMVpzKv_gydIUHD-np9_8lQ
.openx.net/	1970-01-21 01:46:05	Name: i Value: f8985781-6cb5-4363-876d-b07753b923f2\|1702829855
.casalemedia.com/	1970-01-21 01:46:05	Name: CMID Value: ZX8fH.fbsVhOf3aYSGRgMgAA
.casalemedia.com/	1970-01-20 19:10:05	Name: CMPS Value: 3257
.casalemedia.com/	1970-01-20 19:10:05	Name: CMPRO Value: 3257
.adnxs.com/	1970-01-20 19:10:05	Name: uuid2 Value: 2096855239397357790
.adsby.bidtheatre.com/	1970-01-20 17:10:34	Name: __kuid Value: 588cc097-199c-4952-ae53-21289a95ce49.472043855
.rfihub.com/	1970-01-21 02:22:05	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srA0MjUzMjQ3NhTiM9QtcEqKDCgw9fQIcXQEAMNEH5klAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srA0MjUzMjQ3NhTiM9QtcEqKDCgw9fQIcXQEAMNEH5klAAAA
.rfihub.com/	1970-01-21 02:22:05	Name: eud Value: H4sIAAAAAAAA__vFyGtobmBkYWRpYWpqaWEBAItAYFYQAAAA
.innity.com/	1970-01-21 02:36:29	Name: iUUID Value: 22a2e6d0133f49562eb9578e4afa33e2
.ctnsnet.com/	1970-01-21 01:46:05	Name: cid_bd7f22a130c14b18b7d2a891650def15 Value: 1
.sanook.com/	1970-01-21 02:36:29	Name: iUUID Value: 22a2e6d0133f49562eb9578e4afa33e2
.sanook.com/	1970-01-20 17:00:31	Name: innity.dmp.225.sess Value: 1.1702829857007.1702829857007.1702829857007
.sanook.com/	1970-01-20 17:00:31	Name: innity.dmp.225.sess.id Value: 113530628.225.1702829857007
.sanook.com/	1970-01-20 17:01:56	Name: innity.dmp.cks.innity Value: 1
.sanook.com/	1970-01-21 02:36:29	Name: _sa Value: SA1.2.1754712289.1702829857
.amazon-adsystem.com/	1970-01-20 21:44:10	Name: ad-id Value: A8Lb5srlIU_noGzfgwr7XqY
.amazon-adsystem.com/	1970-01-21 02:36:29	Name: ad-privacy Value: 0
www.sanook.com/	1970-01-20 17:00:33	Name: _lr_retry_request Value: true
www.sanook.com/	1970-01-20 17:43:41	Name: _lr_env_src_ats Value: false
www.sanook.com/	1970-01-20 18:26:53	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-17T16%3A17%3A37%22%7D
m.exactag.com/	1970-01-20 19:10:05	Name: exactag_new_gk Value: 6c1f2803f2c24e2493b7bab963cb1132%7C15.02.2024%2016%3A17%3A37
m.exactag.com/	1970-01-20 21:19:41	Name: exactag_new_uk Value: 52edc39eadb245c48d07f8c06c62b115%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: e8423af9240d4a27a98d0781
avd.innity.com/	1970-01-20 17:01:56	Name: geo Value: EU%3BGermany%3BDE%3B%3B%3B
www.sanook.com/	1970-01-20 17:43:41	Name: _rtbpbjs_userid_consent_data Value: 3524755945110770
.sanook.com/	1970-01-21 01:46:05	Name: FCNEC Value: %5B%5B%22AKsRol_xhh_YImLyPjQZ2g6wA8EpmyA_QhewqiMhmcJOa1dR1vpIoPUdIH4kcEhCLurtwL2V6Z2YDN52jefjWoOwtptDGblwZQPmKFcBCW-2KgtLf_dmnyGKLBSpaKAKWmCmJsFtVckcaB5joceg2pBRNa4hQgLeNw%3D%3D%22%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://www.sanook.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4305d22e66b225320ecc4bea83b468f8.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
acdn.adnxs.com
ads.eu.criteo.com
ads.pubmatic.com
api.rlcdn.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.taboola.com
bidder.criteo.com
c.amazon-adsystem.com
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.ctnsnet.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
dc.sanook.com
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f3b3c0ef3097c62f28485a270bcb3760.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
graph.sanook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
region1.analytics.google.com
rtb-eu.andbeyond.media
rtb.nl3.eu.criteo.com
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.amazon-adsystem.com
s.isanook.com
sal.isanook.com
sb.scorecardresearch.com
sdk.ocmhood.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sloth-api.sanook.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
t.ocmhood.com
t.pubmatic.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ut.pubmatic.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
api.rlcdn.com
p3.isanook.com
104.18.36.155
108.138.1.25
108.157.4.15
108.157.4.57
119.81.216.16
134.122.57.34
142.250.186.130
151.101.1.44
151.101.129.108
151.101.195.52
151.101.66.137
162.19.138.116
162.19.138.117
162.247.241.14
172.217.18.2
172.64.149.180
172.64.151.101
178.250.1.6
18.66.248.90
184.30.211.26
185.64.189.112
185.64.189.226
185.64.190.82
185.89.211.12
193.0.160.130
198.47.127.19
2.19.244.232
2001:4860:4802:34::36
203.151.128.172
203.151.130.72
203.151.133.6
203.154.58.214
213.202.235.9
23.215.19.214
2404:6800:4003:c1c::78
2600:9000:2315:d800:2:d490:4d80:93a1
2600:9000:243d:cc00:a:e047:753:a221
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:20::681a:6e4
2606:4700:20::ac43:4809
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.107.231.31
34.120.135.53
34.251.84.60
34.95.81.168
34.98.64.218
35.186.193.173
35.71.131.137
43.152.26.197
52.46.130.91
54.220.142.223
61.91.93.45
69.173.144.138
77.245.57.78
95.101.149.233
95.101.149.35
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
011bd378ed94b3eeadc34a4dea27aa582ad03a795e6030822765a6378c251215
01e961362810d1c8c1e67cfc8ed95b51a9ce60244da9f896ba8de49f591acb6a
020056baa8b9a077e7d01ac15265b4708c74c0e6d9681a93f2f5a74e68006631
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089add41671da8e37147f26f66a4ade54751cd9eb4a0aea25b821344dac7b2aa
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ae2636db175ec850534c29cc10e4c036c423a43a19ae1ea0c25349673975aa1
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862
107e290e7dc990c5e7d752e1703fc75ba6a4028b90f9833730ef8e7ce801dd38
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427
1181419d24f84fff2333f63d9728ca0a783e7cedee634f89aa01ce83bd323599
119172b9fea1ffe0901557e8bab5822cc645824d7033fd0f2393e7ba592a9cb4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
19af4f5fbc141187502a7ee6f820c37f4b2042673098ca75c31b639270933c0b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1cab0830755212e1cbd2dbdff3573009cfa1247def9382562c1380265bcd580d
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
22348b52cda513e7ac773bc5c0d398603f5d4fe25c3da7dd5a9d76fbdef1d94c
227e3aaf68e061877bec62f5cdfc357daa7e880ef97481b6b58ead38491bbbc5
22b15a8eda7a0fef1474ebffb78ba7ebb95e719e78ae398d30468280a8c6302b
2327a8d8f9653319821ce97921eca3b041216c75909261367d9f94fa175b11d7
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713
2656439baaa1e22176e27fba2993b54682f99ddf03c7a9e1276ec5c9e113c962
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
315aacfcbe0d3b9427874fdd795d5d2a2362c5be99b700588afaac8a6f5616ad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd
35230b8d720cfa178fb689ef80985e67db044b7c7b4119f5141c10c19855e36f
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
38e86daa57bc126c19f0ff7684da4c1bf2039c6a17e19d5521892e300e6bb0d9
39a8c3d51f1e7e9cd489da87221cc4d8bc854a4de9b3dc15d000231b37cc3cde
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0f70c196f0e6fd6c0e9497434f48dc65b478d09d487dcdc2012217671d3a3a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
436f0b60b682579b473968657d43c773c7666809230e42b720fc2fc3d047494b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d18e030c178951d361a1438e2ebb89aabe78983d2f6bd6457eb2b3e4de8cf2
4c0a0f5ed97eea83fbeb45c20d834d703773f091515ae28d250b8d5417b4f4f0
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d3226726ef9f4598163b90ebcf90d8f2c46ab90b98dffa28e225936b2f78e34
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e
504c0ac9eaa05ffc0fa1357b18b751e7adad81096bd420bf5533e87604fb2214
50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f
5340106943b6cf74d0e557617764eb412114888f57530f15967853730f7aeefb
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55076a48d8ee9b9e6f2fe30a927937d8177aec82b5b1bb404624b62d632b3d39
551cb67908b5910e5386a7d01f0ff77835bf7c582e9fcc7319d16d79a8713779
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a4fad4d5bbb0b37c8e70506190bf6175db58cd7bdefb8467a98a164aec659a2
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5bb774fb865da61dae0b65bf25d3c6f9348e2b259aaef923cb042024fe0f5bca
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a
5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9
5f0d4b3fa98a300ac1b5055301e8df30c479f98ef17134b40fd7d1b6ef7439da
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61853e3e3d0d99b5a7b68d6a0a2f8fee6379a72d66ceb2e9780be47c497c145e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
62f13c32ec22cd93dde4f5d90bd0804431b827940b8273bc4786bf790f975bc9
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6e4f265ae25001b6e13f02de58ebb919cf06cb9d0188a7ff379f785a490df70c
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29
766a984719a042da3f63d970ca448ff8f22f6b879babcb0fbe9083991db464f5
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cbf36783315bdadefb9f09016f8d78c14c0ee5a1fc85fe1539470c8d59a9e49
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82dc0cf2539744d6ee76d6cfd5266e4af310d1975d077b75a83f347a62a2fd2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843802a49830a0fe9ee5d87b7673d7a96da9e1ee0dc9b37193ad5700a46f3053
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
878c87c5d3e390a2b035362cd95500c82a86d480c8e82164dba82385f0185dc3
87bd6985d4c80ddfc0324e0f993596047d9ec47a247574fcdc915c199f032536
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8ac27ef15d7500c039ef3d5ffb8a561719095bd122df2df51ea5b1366a85e947
8b7cd3ef9d27fc08613f249a665c61277cb5c92230ac4c70d9e6600c87a35cae
8c368c950dff147b7cce089e3deefcf48b378f2fdad58190092bb96a2761f28a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9322efdae2c5486beff5f47153438ab4d03e1f72ae8837c75b6684f27d2edd10
9490faac2fae857cffea98f418d15c9d5a66f70c57642fd65d77c633de83578a
94dfca5e1c1e2144856593f12684f74da76179d1d681fef333a55f2913d8d1ef
953c799d711d331eed4c82605c36589a35016404cffcca4f59fdea5b3cc37930
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98a5f16260df4c9d11eeb9d1ffe5416a54864a6b850c52dbb65f6ad7bece2c8b
98ee3328726e630fb64da0d696d2817005cf609a3404f7fd0761fece533be0f8
99da398e1c93e073e347e46332696897b6c159b05946eb09f36d77d07185d3ca
9c33ff539be42e647fd2fa5369a5c2203c88dcc33b50528018f4bd8228cbebab
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9f8d122f1588a26ef386a215fd7bd8f37bb8804a9896070302bc872fa5966a11
9fb83535f71541a1446c206bad8564a40ffe2aa64a08a2e32fce971f4086ee49
9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b52d877ef6d6eacf3a6b7270f92ba09ec4a253238decd6d239582c104ce99d
a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a65fab2186a8f05b05c54e7b92d3858a4e372a909c6a9cb397415b0687181bd4
a66a935c99f0b6fc015a1ccc026d7be4d9c2327b98b019ec1bc758c16491f325
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a95c0b8697df5726a5be46013ce3c4b3673aff2552737e7916d1031445da4a84
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac21498fd45945795cafa9100c0b530de3b03539ee3d212d7f1ab1e6d0b228bd
b043b201fd72c811f5da5481afa88ad3677eb05254889620391eb6ad0a8b9ff2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1980c0bb257d9dedcdc4259dc839235de4e711103a96c1d9be971cae6783a1d
b2009f6613a06a02b52183f9d9cb7a09960b3f2435b4a5c42e9a2e24d09e9e6a
b2849ea9beb74dcdbab8516e65304713e353e2c98ac578f53659e54a37ac7bb2
b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c
b63098fff186da20d72d50a2fb1746e60292353086833e835d7db6f6cf18ca5c
b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
b9fa86da3afec7c9a668c72d497e4fc08cc18e217aca94001a42459ec7add5d1
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e
bd1b9bcd79a953c779d560fa9326e70b7d2b15ed8d6eae6fba970d9de764b4e5
bdf54f2412ac33a508ffbe91eb947c135521fd7f82fddfbe198ff83836c59832
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
bf9396f2dceb8c82ff00c0ac4dd321e787ab337fd90789c21651cb127997adce
c00eecfe21da5ebce40280fea44aa14acdfe37daccfc48595f2ae4700fa4840e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2763482440a152dd8ccdfe3ad27596195ee63d1a3f71dd6acc5d1429a69d746
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809
c694120d4c491494170bc68955792636a4016f9f44d1720818fa6c2ca35888f7
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14
cc37a5c347dd6d2cdd206b898667a8582f0b9eb42823c88735238b344ebab4b9
d33247e83dec1323d2ae9bc98565c27e5cef5f88de426ff218733bf8f7eeb05e
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d89a94b5974cdd891c4bfe752ec0ca47c9c180ffa169560044baf30162cfa869
dae6e68572a869a60c0ed61fda94e5e7b4df1bbbc42788ce9bf407dbafafde3b
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e364858ef5498efcd2a89b1ab43ba7c2a450344ae3329695ce115b51b224b9ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389
e73d45691c36b007c87cd1ed1ce56852d6def5a303e08d3726493b559ac60c0f
e74dd3e4008f14b890f198e3d55e41819f7b84004802dbc06905e53dcd62522a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e957118565b32ebfa32d41eea0ba8511d78e1a70bea62b13697bd9ca3c7ee589
eb9259aebd19a094d3d7073bf6a137120374376a5a94dece19bb09d8d7062425
ec6bfa1a7829b5bc2346d4d4fe55076442c88a688b78b8e048e4e78d2771db2a
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085
ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
ef99872383d06605558112058dcaf932036b3685ed092edace07b1266e4d39fc
f044c49a5db03bc023e8900a97a4499f6d5c15c8efce18aa9cd289d0e45921f2
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
fbbee535e64f28afbcf1031ec8f00447d7c0ec9791d08f994bcb51835e88f82d
fc6eb13198c4d3141d5a302a50f3e3b6e69bff1099894f7f435161579a72571a
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
fe00fe0cd2d9d5daf36801a5e2a5b72a39090003ed239fd412a0e789b2e97c63
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64

www.sanook.com Open in urlscan Pro 203.151.128.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

303 Requests

96 %HTTPS

42 %IPv6

53 Domains

95 Subdomains

81 IPs

10 Countries

3998 kBTransfer

12019 kBSize

55 Cookies

24 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

96 %
HTTPS

42 %
IPv6

53
Domains

95
Subdomains

81
IPs

10
Countries

3998 kB
Transfer

12019 kB
Size

55
Cookies

303 HTTP transactions
2 data transactions