news.sanook.com Open in urlscan Pro
203.151.128.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Submission: On November 02 via manual (November 2nd 2023, 1:53:19 am UTC) from TH — Scanned from DE

Summary HTTP 145 Redirects Links 73 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 22 domains to perform 145 HTTP transactions. The main IP is 203.151.128.160, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is news.sanook.com. The Cisco Umbrella rank of the primary domain is 876240.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.

This is the only time news.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.151.128.160 203.151.128.160	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
78	43.152.26.197 43.152.26.197	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	61.91.94.165 61.91.94.165	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
2	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	61.91.93.41 61.91.93.41	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
1	2a03:2880:f08... 2a03:2880:f084:10d:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:9e00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	34.249.63.196 34.249.63.196	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
145	31

1 203.151.128.160 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 160.128.151.203.sta.inet.co.th

news.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 43.152.26.197 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

p1.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.94.165 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.93.41 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-41.static.asianet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:10d:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9e00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.63.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-63-196.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	isanook.com p1.isanook.com — Cisco Umbrella Rank: 902904 s.isanook.com — Cisco Umbrella Rank: 98372 sal.isanook.com — Cisco Umbrella Rank: 116862	778 KB
19	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	67 KB
9	googlesyndication.com 59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	72 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	138 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6862	840 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	729 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	259 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 95668	9 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	sanook.com news.sanook.com — Cisco Umbrella Rank: 876240 www.sanook.com — Cisco Umbrella Rank: 108824	26 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 130	628 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	31 KB
145	22

	Domain	Requested by
54	s.isanook.com	news.sanook.com s.isanook.com
24	p1.isanook.com	news.sanook.com p1.isanook.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net news.sanook.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.de	news.sanook.com
4	www.google.com	1 redirects news.sanook.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	news.sanook.com www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects news.sanook.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	connect.facebook.net	news.sanook.com connect.facebook.net
2	lvs2.truehits.in.th	news.sanook.com
2	sb.scorecardresearch.com	p1.isanook.com news.sanook.com
1	mug.criteo.com	news.sanook.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	graph.facebook.com	p1.isanook.com
1	www.sanook.com	s.isanook.com
1	sal.isanook.com	news.sanook.com
1	www.googletagservices.com	news.sanook.com
1	news.sanook.com
145	35

This site contains links to these domains. Also see Links.

Domain
www.sanook.com
sso.member.sanook.com
truehits.net
muan.sanook.com
www.sanook77.co
comics.sanook.com
video.sanook.com
tv.sanook.com
dictionary.sanook.com
guru.sanook.com
women.sanook.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
sport.sanook.com
money.sanook.com
webboard.sanook.com
lineit.line.me
horoscope.sanook.com
webboard.news.sanook.com
www.innnews.co.th
www.rakdara.net
www.voathai.com
newsplus.co.th
itunes.apple.com
play.google.com
feedback.sanook.com
www.tencent.co.th

Subject Issuer	Validity	Valid
*.sanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.isanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-12` - `2024-10-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-11` - `2023-11-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Frame ID: 318D9DF02E13F79C9DA3405F38972B9A
Requests: 135 HTTP requests in this frame

Frame: https://www.sanook.com/cross-storage/hub.html
Frame ID: DC1ADC5BF3912A164218D82E42A764D4
Requests: 1 HTTP requests in this frame

Frame: https://59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0799DF6B7724B922D762D095DE40D2A6
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 061C16C0A0570CB94CDF403845D37D99
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.sanook.com&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: 10BC3691BEE07E5388E4194B33CB38A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3046C6BD45DE492583BBB2C6413D7310
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85750E575DFFC0010DD64153813EEA34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ตรวจหวย ตรวจผลสลากกินแบ่งรัฐบาล งวด 1 พฤศจิกายน 2566

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

145
Requests

98 %
HTTPS

58 %
IPv6

22
Domains

35
Subdomains

31
IPs

6
Countries

1569 kB
Transfer

3918 kB
Size

19
Cookies

73 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sanook.com/policy/
Title: นโยบายความเป็นส่วนตัว

Search URL Search Domain Scan URL

URL: https://www.sanook.com/cookiepolicy/
Title: นโยบายคุกกี้

Search URL Search Domain Scan URL

URL: http://www.sanook.com/

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/
Title: ข่าว

Search URL Search Domain Scan URL

URL: https://www.sanook.com/sport/program/
Title: ผลบอล

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/entertain/
Title: ข่าวบันเทิง

Search URL Search Domain Scan URL

URL: https://www.sanook.com/sport/
Title: ข่าวกีฬา

Search URL Search Domain Scan URL

URL: https://www.sanook.com/horoscope/play/dream/
Title: ทำนายฝัน

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000046-000049-000001&surl=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000046-000049-000001&surl=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://www.sanook.com/hot/
Title: เรื่องฮอต

Search URL Search Domain Scan URL

URL: https://www.sanook.com/money/
Title: ข่าวเศรษฐกิจ

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://www.sanook.com/horoscope/
Title: ดูดวง

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/laolotto/
Title: หวยลาว

Search URL Search Domain Scan URL

URL: https://www.sanook.com/women/
Title: ผู้หญิง

Search URL Search Domain Scan URL

URL: https://www.sanook.com/men/
Title: ผู้ชาย

Search URL Search Domain Scan URL

URL: https://www.sanook.com/campus/
Title: วัยรุ่น

Search URL Search Domain Scan URL

URL: https://www.sanook.com/hitech/
Title: ไอที

Search URL Search Domain Scan URL

URL: https://www.sanook.com/auto/
Title: รถยนต์

Search URL Search Domain Scan URL

URL: https://www.sanook.com/health/
Title: สุขภาพ

Search URL Search Domain Scan URL

URL: https://www.sanook.com/travel/
Title: เที่ยว-กิน

Search URL Search Domain Scan URL

URL: https://www.sanook.com/choice/
Title: Sanook Choice

Search URL Search Domain Scan URL

URL: https://www.sanook.com/movie/
Title: หนัง-ละคร

Search URL Search Domain Scan URL

URL: https://www.sanook.com/music/
Title: เพลง

Search URL Search Domain Scan URL

URL: https://www.sanook.com/game/
Title: เกมส์

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://video.sanook.com/
Title: คลิป

Search URL Search Domain Scan URL

URL: https://www.sanook.com/podcasts/
Title: พอดแคสต์

Search URL Search Domain Scan URL

URL: https://www.sanook.com/gallery/
Title: แกลเลอรี

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://dictionary.sanook.com/
Title: พจนานุกรม

Search URL Search Domain Scan URL

URL: https://www.sanook.com/howto/
Title: ฮาวทู

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.sanook.com/thailandguide/
Title: NEW Thailand Guide

Search URL Search Domain Scan URL

URL: http://women.sanook.com/244697/
Title: Trending Today

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday/
Title: FB

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook
Title: TW

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://sport.sanook.com/
Title: กีฬา

Search URL Search Domain Scan URL

URL: http://money.sanook.com/
Title: เศรษฐกิจ

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/?board=258
Title: เว็บบอร์ด

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%201%20%E0%B8%9E%E0%B8%A4%E0%B8%A8%E0%B8%88%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A2%E0%B8%99%202566&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&via=sanook

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/laolotto/23102566
Title: 23 ต.ค. 66

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/?action=post;board=258
Title: ตั้งกระทู้ใหม่

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16496212
Title: เมาเซอร์ เปิดตัวชิ้นส่วนใหม่กว่า 16,000 ชิ้นในไตรมาสที่สามปี 2566 31 ต.ค. 2566, 16:45 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16493140
Title: 15 ค่ำเดือน 11 หนองคายพร้อมต้อนรับนักท่องเที่ยวเทศกาลออกพรรษา 26 ต.ค. 2566, 12:50 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16494472
Title: วันแรกของการประชุมความริเริ่มการลงทุนเพื่ออนาคตในริยาด 28 ต.ค. 2566, 20:34 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16496890
Title: "หัวเว่ย" มอบรางวัลให้ผู้ชนะการประกวดปรับแต่งและใช้งาน AI 1 พ.ย. 2566, 13:57 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16493308
Title: อ.ป๊อบพระสีวลี24ช.ม. แนะนำร้านซื้อ-ขายรถยนตร์มือ2 ฟรีดาวน์ 26 ต.ค. 2566, 18:06 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16497562
Title: GCLSI รายงานการเติบโตใน 3 ไตรมาสแรก กำไรสุทธิเพิ่มขึ้น 240% YoY 2 พ.ย. 2566, 08:20 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16497058
Title: ไดกิ้น ร่วมกับ ทรู แบงค็อก ยูไนเต็ด จัดกิจกรรมฟุตบอลคลินิคและ Player Escort 1 พ.ย. 2566, 17:06 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16497040
Title: สู่อนาคตที่ดีกว่าที่โรงเรียนนานาชาติเซนต์สตีเฟ่นส์ (กรุงเทพฯ) 1 พ.ย. 2566, 16:51 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16497022
Title: NPS สนับสนุนน้ำดื่มกิจกรรมจิตอาสาพัฒนาชุมชน 1 พ.ย. 2566, 16:01 น.

Search URL Search Domain Scan URL

URL: http://webboard.sanook.com/forum/16497016
Title: NPS สนับสนุนถุงยังชีพให้แก่ผู้ประสบภัยน้ำท่วมในพื้นที่ จังหวัดปราจีนบุรี 1 พ.ย. 2566, 15:57 น.

Search URL Search Domain Scan URL

URL: https://horoscope.sanook.com/play/dream/
Title: ทำนายฝัน

Search URL Search Domain Scan URL

URL: https://webboard.news.sanook.com/forum/?topic=3598191
Title: ฟังหวยออนไลน์

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/search/%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94
Title: เลขเด็ด

Search URL Search Domain Scan URL

URL: https://www.sanook.com/news/tag/%E0%B8%AB%E0%B8%A5%E0%B8%A7%E0%B8%87%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B8%9B%E0%B8%B2%E0%B8%81%E0%B9%81%E0%B8%94%E0%B8%87
Title: หลวงพ่อปากแดง

Search URL Search Domain Scan URL

URL: http://www.innnews.co.th/

Search URL Search Domain Scan URL

URL: http://www.rakdara.net/

Search URL Search Domain Scan URL

URL: http://www.voathai.com/

Search URL Search Domain Scan URL

URL: http://newsplus.co.th/home

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/th/app/sanook!/id430564118?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=m.sanook.com

Search URL Search Domain Scan URL

URL: https://feedback.sanook.com/
Title: แนะนำ-ติชมเเละแจ้งปัญหาการใช้งาน

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/
Title: เกี่ยวกับเรา

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&auid=936827614.1698889994&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=CQFDZdn7Nry-9u8P976SoAI&sscte=1&crd=&eitems=ChEI8O6HqgYQrtiO1bqf5Z6BARIdAOvfYP4wX7BK928P0TdmK9_acibXSBEX9ebAGio&pscrd=EkxDaEFJOE82SHFnWVE2N0Q5cjdtVnN1bEJFaVVBVUtxaUpLN0oxWkhDWGVBTWJfS24xdy0xR0R0ZjFhalNpeFBISEVtOG16Szd2Yi1OGlhDaEVJOE82SHFnWVF0dS02eHZYVTRNN3pBUkl0QUJTYy0xYkx2cXUtMGVpcmt6ZlVIVERPV1ZHM3dBcDZWZ2VJQ2ZEVHpKX0NOaEwxRWNEWFlWeV9FbHUyIhMImaTltJqkggMVPJ_9Bx13nwQk HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&auid=936827614.1698889994&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE82SHFnWVE2N0Q5cjdtVnN1bEJFaVVBVUtxaUpLN0oxWkhDWGVBTWJfS24xdy0xR0R0ZjFhalNpeFBISEVtOG16Szd2Yi1OGlhDaEVJOE82SHFnWVF0dS02eHZYVTRNN3pBUkl0QUJTYy0xYkx2cXUtMGVpcmt6ZlVIVERPV1ZHM3dBcDZWZ2VJQ2ZEVHpKX0NOaEwxRWNEWFlWeV9FbHUyIhMImaTltJqkggMVPJ_9Bx13nwQk&is_vtc=1&ocp_id=CQFDZdn7Nry-9u8P976SoAI&cid=CAQSGwDICaaNBLl5nAVSNwBx_g-2Ds_yPZ0bjwTnbg&eitems=ChEI8O6HqgYQrtiO1bqf5Z6BARIdAOvfYP5mjjXmM3xfCP-Ha0_sKGfUKPHqLyIZPSY&random=136702661 HTTP 302
https://www.google.de/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&auid=936827614.1698889994&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE82SHFnWVE2N0Q5cjdtVnN1bEJFaVVBVUtxaUpLN0oxWkhDWGVBTWJfS24xdy0xR0R0ZjFhalNpeFBISEVtOG16Szd2Yi1OGlhDaEVJOE82SHFnWVF0dS02eHZYVTRNN3pBUkl0QUJTYy0xYkx2cXUtMGVpcmt6ZlVIVERPV1ZHM3dBcDZWZ2VJQ2ZEVHpKX0NOaEwxRWNEWFlWeV9FbHUyIhMImaTltJqkggMVPJ_9Bx13nwQk&is_vtc=1&ocp_id=CQFDZdn7Nry-9u8P976SoAI&cid=CAQSGwDICaaNBLl5nAVSNwBx_g-2Ds_yPZ0bjwTnbg&eitems=ChEI8O6HqgYQrtiO1bqf5Z6BARIdAOvfYP5mjjXmM3xfCP-Ha0_sKGfUKPHqLyIZPSY&random=136702661&ipr=y

Request Chain 116

https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp&cc=1

Request Chain 124

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=news.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=BkcCs3xNaThLK2hNc1BWOHB4TzJLdjNjZHFpamoyZUc1RWJwS1Rxc0wwRkVOM1ppMkMxQmMrWXdrSVkvTUJ5R0QxTkRMUWs4RTdid1hLSjk4WGhtdklNRXRMalM1NldiZVdmQ3NpUCs3VG5oV01nY05wYk1JOW1OcFRSbzlhcTZ6cXhTeFRJM1d2aGJKVlBLYkN2WDI3bUJhYVMxak8yckx2K211dkdYMUxCNkczbEtBQUFyQWxHeVBhUDhZdVNsOU91L0tod01rOEZ3eGVhSVJaa1JxQ3VZZjczRTE4Nk51SnNsT2xyaHJGNW9HcmUxNisyU0dMRDkxR1AxcUpVdmlGOVBMRzRqMnhmRmt3a0RYRTVESDM2SU81dz09fA&cppv=2

145 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
news.sanook.com/lotto/ 237 KB
25 KB 2088ms
338ms Document
text/html 203.151.128.160
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.151.128.160 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 160.128.151.203.sta.inet.co.th
Software: /
Resource Hash: a27a15869ad334a3a98244cdb38b6244b25fdfe44972d442056df7daaeab6e9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Nov 2023 01:53:12 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-ua-device: pc
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

GET
H2 200 fonts.1.0.21.css
p1.isanook.com/de/0/shared/cs/ 9 KB
2 KB 863ms
7ms Stylesheet
text/css 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4c17ba92b6c24ef75330146fc1d7e27ff56ebb33bb6e1e466c19d40fe836a820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:38:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:18 GMT
server: Lego Server
age: 2137708
etag: W/"64daf636-236d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16610626434278382599
accept-ranges: bytes
content-length: 1932
expires: Fri, 13 Oct 2023 14:38:08 GMT

GET
H2 200 base.1.0.91.css
p1.isanook.com/de/0/shared/cs/ 87 KB
18 KB 862ms
6ms Stylesheet
text/css 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/cs/base.1.0.91.css
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e6583ed1749f64b83fd66d6c11506ec39b792ab43a86f7ccde88f2b19675c4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 09:00:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:18 GMT
server: Lego Server
age: 0
etag: W/"64daf636-15b1d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3101785515048472804
accept-ranges: bytes
content-length: 17972
expires: Mon, 16 Oct 2023 09:00:57 GMT

GET
H2 200 theme.2.3.0.css
p1.isanook.com/de/0/custom/news/cs/ 75 KB
15 KB 863ms
8ms Stylesheet
text/css 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: fd48bac2b9d196d7754ce7502fb80c77fb23f55cf9da7c6867a8a3ef2c295f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:01:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:13 GMT
server: Lego Server
age: 800744
etag: W/"64daf631-12cf8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 15078803639069659120
accept-ranges: bytes
content-length: 14865
expires: Wed, 27 Sep 2023 19:01:36 GMT

GET
H2 200 beacon.v1.js Show response
p1.isanook.com/sh/0/js/ 375 B
464 B 863ms
9ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:47:01 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 688542
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8821562368348724051
accept-ranges: bytes
content-length: 266
expires: Fri, 21 Jul 2023 11:47:01 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
31 KB 186ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d7d65b435dd24e22534c67101ee67ea6db074cb7f7700fa7c9f2a34a3253008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31200
x-xss-protection: 0
server: cafe
etag: 556 / 19663 / 31079321 / config-hash: 9369610358558058957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 01:53:13 GMT

GET
H2 200 consent-banner.js Show response
s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/ 49 KB
16 KB 34ms
8ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/consent-banner.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d58b114cd652b2e462bab5c073dae26dc6e2dffef56a087492ba7f97bbf68912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:54 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 49821
server: Lego Server
age: 3348
etag: W/"63be369e-c29d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16137014002528541864
accept-ranges: bytes
content-length: 15943
expires: Sat, 11 Nov 2023 02:48:59 GMT

GET
H2 200 sanook-type-mf.svg
p1.isanook.com/de/0/shared/di/global-hf/ 6 KB
3 KB 862ms
9ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/shared/di/global-hf/sanook-type-mf.svg
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 06:28:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 10 Oct 2023 02:51:43 GMT
server: Lego Server
age: 0
etag: W/"6524bc3f-1633"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11959571969580362265
accept-ranges: bytes
content-length: 2624
expires: Sat, 11 Nov 2023 06:28:42 GMT

GET
H2 200 spacer.gif
s.isanook.com/sh/0/di/ac/vl/ 43 B
209 B 32ms
7ms Image
image/gif 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 14 May 2023 10:15:30 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 08 Feb 2011 09:07:23 GMT
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: s-maxage=10
x-nws-log-uuid: 17604324126589674327
accept-ranges: bytes
content-length: 43

GET
H2 200 liw.jpg
s.isanook.com/ns/0/ud/1817/9089258/ 6 KB
7 KB 926ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089258/liw.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

381866e3673743dbcb7dda015b19d35739e54c9ff2564f0b16ee9b7f2a0cbc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 16516168442299151387
accept-ranges: bytes
content-length: 6564
expires: Fri, 01 Dec 2023 07:37:09 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9089162/ 6 KB
6 KB 56ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089162/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

60839b9c5a396544ae7b7cbac9f25e1fa6ea79a6ce6b762de87697bb489ece9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:29:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1793373937968530801
accept-ranges: bytes
content-length: 5692
expires: Fri, 01 Dec 2023 06:29:17 GMT

GET
H2 200 unclephon-antietaen-postponed.jpg
s.isanook.com/ns/0/ud/1817/9087434/ 7 KB
7 KB 36ms
8ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9087434/unclephon-antietaen-postponed.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7b24e983660c4ef0245513980525aa296902671968a45e2e25e3f341e7675db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:08:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 10821251259769661173
accept-ranges: bytes
content-length: 6680
expires: Wed, 29 Nov 2023 08:08:33 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1816/9083290/ 4 KB
4 KB 36ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9083290/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5d3a0ac4191095f9e2649d9fb387a78d4aadf35226dcfba28b2c6e2c6f263215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:47:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 146
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 17526272980545800360
accept-ranges: bytes
content-length: 4230
expires: Sun, 26 Nov 2023 13:47:43 GMT

GET
H2 200 arrest.jpg
s.isanook.com/ns/0/ud/1816/9082446/ 7 KB
7 KB 11ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9082446/arrest.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

a5ed1224f9ed8b1bb91aef559a21fb08bd536260a787d97f3a837c31b31f692c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:26:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 11157587768786780124
accept-ranges: bytes
content-length: 7358
expires: Sun, 26 Nov 2023 03:26:41 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1816/9081734/ 5 KB
5 KB 10ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9081734/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

a2e73caf0394257c4c4b03e700d7527f738c5c58af293081436dac1dfcbf034e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:50:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1977430593509694872
accept-ranges: bytes
content-length: 5174
expires: Sat, 25 Nov 2023 12:50:14 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088990/ 5 KB
5 KB 9ms
8ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088990/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e550ba23d089bb003f52ab354b741d4d554118f7d287f54146fecba9312e0726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:49:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 270730092635851567
accept-ranges: bytes
content-length: 4892
expires: Fri, 01 Dec 2023 04:49:39 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088562/ 3 KB
3 KB 10ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088562/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

44d65bbcbfcf2791f8b47a359dced1b74a43a7ba7870ef898da6934d11cbbb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 12:10:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 16959581065154088229
accept-ranges: bytes
content-length: 2676
expires: Thu, 30 Nov 2023 12:10:34 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088522/ 6 KB
7 KB 9ms
9ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088522/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d09c37301f66a30b88073cb7fa1de37ea3c77236ce761521bddd32113dfc4204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:49:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 8944209339411748420
accept-ranges: bytes
content-length: 6530
expires: Thu, 30 Nov 2023 09:49:29 GMT

GET
H2 200 settha-sonxay-train-station-m.jpg
s.isanook.com/ns/0/ud/1817/9088498/ 5 KB
5 KB 111ms
110ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088498/settha-sonxay-train-station-m.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

de8527a0fbd6e4ad1602119ab6f70442c01eda23eefe32d8091f283066c63a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:28:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 15
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 8683469718908519758
accept-ranges: bytes
content-length: 5162
expires: Thu, 30 Nov 2023 09:28:41 GMT

GET
H2 200 settha-thai-korea-immigration.jpg
s.isanook.com/ns/0/ud/1817/9088454/ 4 KB
4 KB 8ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088454/settha-thai-korea-immigration.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

cb8374d40a133d3bdedef8fc3187054066733c7ba30e7bd2564c26a86f96fa2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 08:28:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 7146406408093782243
accept-ranges: bytes
content-length: 3830
expires: Thu, 30 Nov 2023 08:28:45 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088362/ 9 KB
9 KB 8ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088362/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5e85eb301700f2533bbbb668df08ec9b97ab487208b65ac8c26f69a953ad1b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:49:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 4442689835102219776
accept-ranges: bytes
content-length: 8870
expires: Thu, 30 Nov 2023 06:49:34 GMT

GET
H2 200 kao.jpg
s.isanook.com/ns/0/ud/1817/9089354/ 7 KB
8 KB 8ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089354/kao.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

ff133f917d08e28e48807c837baac016f143ace3e5647ca599602aabc4e611c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:16:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 13400765099267541995
accept-ranges: bytes
content-length: 7558
expires: Fri, 01 Dec 2023 23:16:03 GMT

GET
H2 200 5.jpg
s.isanook.com/ns/0/ud/1817/9089030/ 6 KB
6 KB 122ms
121ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089030/5.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

94aa2a14d9d3f6bedab802151ef2b9f0990f875224dcc3b27233b7abec66a7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:18:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 2969016015393034069
accept-ranges: bytes
content-length: 5724
expires: Fri, 01 Dec 2023 23:18:59 GMT

GET
H2 200 15.jpg
s.isanook.com/ns/0/ud/1817/9089706/ 8 KB
9 KB 8ms
8ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089706/15.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

633ceb987e206dd495bddfb6bc86bd68fb92b6a995e947e59569092958a99a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:05:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 16
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 11704590646103461214
accept-ranges: bytes
content-length: 8688
expires: Fri, 01 Dec 2023 14:05:01 GMT

GET
H2 200 yt01.gif
s.isanook.com/ns/0/ud/1817/9089622/ 6 KB
6 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089622/yt01.gif?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

39e49e61cd4248227b41db045f1b9a0ffeb952cc492c857b0b145b1f073676ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:25:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 8608893076058489702
accept-ranges: bytes
content-length: 5632
expires: Fri, 01 Dec 2023 12:25:01 GMT

GET
H2 200 15.jpg
s.isanook.com/ns/0/ud/1817/9089478/ 7 KB
7 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089478/15.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7243699ab9965852f34304a2f569652e1952376046cca00b6f87638be081dd80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:54:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 14781947980257303820
accept-ranges: bytes
content-length: 7084
expires: Fri, 01 Dec 2023 10:54:34 GMT

GET
H2 200 3.jpg
s.isanook.com/ns/0/ud/1817/9088962/ 4 KB
4 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088962/3.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

0c49cd09951e9ddac92877fd200c8f508b5337097f25433cd6f61f735ab4ba42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:11:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 1
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 11676856593400645108
accept-ranges: bytes
content-length: 3612
expires: Fri, 01 Dec 2023 09:11:13 GMT

GET
H2 200 box.jpg
s.isanook.com/ns/0/ud/1817/9089758/ 6 KB
6 KB 112ms
112ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089758/box.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

bd81e7c47f5441766634d2cab990230be9fad96b4c20a4be60145acee789d9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:05:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 11115045033496291630
accept-ranges: bytes
content-length: 6240
expires: Fri, 01 Dec 2023 23:05:36 GMT

GET
H2 200 police.jpg
s.isanook.com/ns/0/ud/1817/9089718/ 5 KB
5 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089718/police.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

28d0ff26ca72b17c822273703ca3644dac9442a53566d17b4ab808863542f0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:24:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 5377556248607978772
accept-ranges: bytes
content-length: 5104
expires: Fri, 01 Dec 2023 14:24:58 GMT

GET
H2 200 china.jpg
s.isanook.com/ns/0/ud/1817/9089646/ 6 KB
6 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089646/china.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

8b050a1f5e3e3105054c4bc3b8dbb48c45e802aee30bed9fcd3aa24e9eb6d3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:24:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 9362597675242395261
accept-ranges: bytes
content-length: 5800
expires: Fri, 01 Dec 2023 13:24:46 GMT

GET
H2 200 car.jpg
s.isanook.com/ns/0/ud/1817/9089546/ 5 KB
5 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089546/car.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

17104e93446b886fad5b4f32d2ce1f65dc28a06c6c32261548b9df5d27f568cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:24:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1272428050670097988
accept-ranges: bytes
content-length: 4780
expires: Fri, 01 Dec 2023 11:24:35 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9089518/ 4 KB
4 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089518/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

96b23240ea3896e30b1b6888fa51b330c3c9ce83398838cb15a03289cbff1e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:54:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1643919726363707895
accept-ranges: bytes
content-length: 4232
expires: Fri, 01 Dec 2023 10:54:41 GMT

GET
H2 200 china.jpg
s.isanook.com/ns/0/ud/1817/9089474/ 7 KB
7 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089474/china.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

12a4909fcf28533887b1f08874b22e9bc2ac41e1d0aea584919b1cecd90cbff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:44:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 2318197673089908608
accept-ranges: bytes
content-length: 6758
expires: Fri, 01 Dec 2023 10:44:55 GMT

GET
H2 200 social-sec-election-reg.jpg
s.isanook.com/ns/0/ud/1816/9080986/ 6 KB
6 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9080986/social-sec-election-reg.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7d09953a2e6a323a15c1523f5a2ec25fb4dfdfdeb87e04b09f17139424d9e238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:08:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 14068730200729238951
accept-ranges: bytes
content-length: 5850
expires: Fri, 24 Nov 2023 07:08:12 GMT

GET
H2 200 lotto.jpg
s.isanook.com/ns/0/ud/1817/9089610/ 5 KB
5 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089610/lotto.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

18d5be0db957e1007ae395f274f88a68b583d29c766a6c8c3c5fd3031682a3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:14:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 13746754156137641901
accept-ranges: bytes
content-length: 5308
expires: Fri, 01 Dec 2023 12:14:54 GMT

GET
H2 200 transwomen-mistress-lawsuit.jpg
s.isanook.com/ns/0/ud/1817/9089534/ 7 KB
7 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089534/transwomen-mistress-lawsuit.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

c851fff7907fa0824f2f3b77bc297bbd73d483ca5cd913a068f5a1453f0f5991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:44:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1394801011961769586
accept-ranges: bytes
content-length: 6692
expires: Fri, 01 Dec 2023 11:44:56 GMT

GET
H2 200 teeyod.jpg
s.isanook.com/ns/0/ud/1817/9089438/ 5 KB
5 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089438/teeyod.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

32452bc64693660d83eb8409e473547844a60425eb404c505866578f2c2b6f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:54:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 1850812770363274307
accept-ranges: bytes
content-length: 5372
expires: Fri, 01 Dec 2023 09:54:34 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9089398/ 8 KB
8 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089398/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e2df7bc5430ea0dfc362605746096a573db544647ff84cf4078d99356c946945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:11:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 15646657760780133850
accept-ranges: bytes
content-length: 8474
expires: Fri, 01 Dec 2023 09:11:15 GMT

GET
H2 200 lotto.jpg
s.isanook.com/ns/0/ud/1817/9089394/ 8 KB
8 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9089394/lotto.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

3186999c451d80ac8e983af9d06640162ec2a026538ebbc1b0225ee1e9e0ff7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:11:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 16199051643412494134
accept-ranges: bytes
content-length: 7838
expires: Fri, 01 Dec 2023 09:11:11 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1818/9090310/ 6 KB
6 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1818/9090310/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

2516e5572d48abcb809f4494c65200253715a9f788bf8990448f76c189ae09c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:15:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 6603875954001196070
accept-ranges: bytes
content-length: 5766
expires: Sat, 02 Dec 2023 01:15:22 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088642/ 3 KB
3 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088642/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5d29f977a94cb8824fb37a0e0cc69180b57e51be7483b2e5127428d67e5ae943

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:10:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 29
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 2600289836316260590
accept-ranges: bytes
content-length: 2670
expires: Fri, 01 Dec 2023 01:10:23 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9088446/ 3 KB
3 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088446/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

fb02c37600820b6ff5b3e93046970daa531ec14628243d8d04ea564a4094b92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:58:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 3950064579733857050
accept-ranges: bytes
content-length: 2888
expires: Thu, 30 Nov 2023 07:58:56 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9087290/ 6 KB
6 KB 63ms
62ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9087290/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

46f25d28d35da76ee76290e04d55983b38b7848dc8e58fb33689d1d5659f8d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:49:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 5736919692441525102
accept-ranges: bytes
content-length: 6182
expires: Wed, 29 Nov 2023 06:49:03 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1817/9087058/ 7 KB
7 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9087058/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d139075d691ea89c7d5fdea93f5f602970eba5edb530b7c7cfcc9032378dd25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:00:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 14262453497730369276
accept-ranges: bytes
content-length: 7442
expires: Wed, 29 Nov 2023 04:00:14 GMT

GET
H2 200 muk.jpg
s.isanook.com/ns/0/ud/1817/9085334/ 4 KB
4 KB 8ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9085334/muk.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

198ab6303f46948f56c4c52a15e4b7dacac3dcd83c01e6cc7fec37db2ed63b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 01:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 15603491633852866160
accept-ranges: bytes
content-length: 3922
expires: Tue, 28 Nov 2023 01:53:09 GMT

GET
H2 200 live-lottery-1-nov-2023.jpg
s.isanook.com/ns/0/ud/1817/9088654/ 5 KB
5 KB 43ms
43ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088654/live-lottery-1-nov-2023.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7a0d278e742eac7de1bb8cc308e4ed310c8d33f231aafee87715c4207f3c3157

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:40:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 5617371142483644593
accept-ranges: bytes
content-length: 5140
expires: Fri, 01 Dec 2023 06:40:03 GMT

GET
H2 200 aw_1200x720_2_2(6).jpg
s.isanook.com/ns/0/ud/1816/9081506/ 7 KB
8 KB 42ms
42ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9081506/aw_1200x720_2_2(6).jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

8621b672b2e4d3c45b6350f1684635eec3df8f0594c06a1558182a89a02692f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 06:27:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 5660994364039771820
accept-ranges: bytes
content-length: 7574
expires: Sat, 25 Nov 2023 06:27:16 GMT

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/ns/0/ud/1816/9080366/ 8 KB
8 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9080366/tagline-template-update-april.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

2b8a3c8543f7fce085f6892084a9f689d388fef2bf2572a9343b1a216e7a900e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:36:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 15264363289498984141
accept-ranges: bytes
content-length: 8054
expires: Thu, 23 Nov 2023 04:36:23 GMT

GET
H2 200 tagline-template-update-april_1.jpg
s.isanook.com/ns/0/ud/1816/9082574/ 8 KB
8 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9082574/tagline-template-update-april_1.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

f9daf30e4bbad3625ebd9497ddbe5713e3d4e6642b8fe05e14f256c2dced8929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:07:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 152
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 7865772229527293965
accept-ranges: bytes
content-length: 8456
expires: Sun, 26 Nov 2023 05:07:03 GMT

GET
H2 200 lotto.jpg
s.isanook.com/ns/0/ud/1816/9080098/ 9 KB
9 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1816/9080098/lotto.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7be444bbbd07a7baf13ded8d1fcd8004dcf78c3ae00baf9b4e43e2c885848cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 14:10:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 14171598124946749040
accept-ranges: bytes
content-length: 8930
expires: Wed, 22 Nov 2023 14:10:10 GMT

GET
H2 200 rew.jpg
s.isanook.com/ns/0/ud/1815/9078626/ 9 KB
9 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1815/9078626/rew.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

4e538f70902d559c5b6b87878cdc0e99b0409156e056cd739966556d75e95b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 14:42:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 2301821884644858842
accept-ranges: bytes
content-length: 8792
expires: Tue, 21 Nov 2023 14:42:23 GMT

GET
H2 200 lottery_1_november_2023.jpg
s.isanook.com/ns/0/ud/1817/9088650/ 5 KB
6 KB 7ms
6ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088650/lottery_1_november_2023.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

2d440d6dab2ecf739d751496f8e38efe197259d7a03157fcb59ee856ed2e8b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 03:39:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 1
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 11189427322494799321
accept-ranges: bytes
content-length: 5480
expires: Fri, 01 Dec 2023 03:39:50 GMT

GET
H2 200 lottery-1-november-2023.jpg
s.isanook.com/ns/0/ud/1817/9088838/ 5 KB
5 KB 7ms
7ms Image
image/webp 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ns/0/ud/1817/9088838/lottery-1-november-2023.jpg?ip/crop/w165h99/q90/webp

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

29bb9c1f1bf858626f162cf340bdf6a420a3709ffca4f31dde33680e81068a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Lego Server
age: 0
content-type: image/webp
cache-control: max-age=2592000
x-nws-log-uuid: 4194706505411176962
accept-ranges: bytes
content-length: 4696
expires: Fri, 01 Dec 2023 07:37:09 GMT

GET
H2 200 logoinn_1.jpg
p1.isanook.com/ns/0/uc/0/1311/ 2 KB
2 KB 24ms
21ms Image
image/jpeg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/ns/0/uc/0/1311/logoinn_1.jpg
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a3c15df84795d4f89cd6aa48b72cb72195ff1b7b34cae28a6ed15f681ccdd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 15:08:40 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 05 Jan 2021 07:01:38 GMT
server: Lego Server
age: 0
etag: "5ff40ed2-7fc"
content-type: image/jpeg
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14915106006908681872
accept-ranges: bytes
content-length: 2044
expires: Tue, 21 Nov 2023 15:08:40 GMT

GET
H2 200 rakdara-fb.png
p1.isanook.com/ns/0/uc/1/5933/ 9 KB
9 KB 24ms
21ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/ns/0/uc/1/5933/rakdara-fb.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7ac6e6de3d891fb47abeee0be99e30c4e9c4b0d8e21dc1b89f016094269ac236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:25:07 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "612d9b9c-225b"
content-type: image/png
x-nws-log-uuid: 14769050404853186346
accept-ranges: bytes
content-length: 8795
expires: Tue, 07 Nov 2023 18:25:07 GMT

GET
H2 200 voathai-fb.png
p1.isanook.com/ns/0/uc/1/6286/ 6 KB
6 KB 24ms
21ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/ns/0/uc/1/6286/voathai-fb.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b3944e82dadd81c0975857dbf19d0ad0f4e0a5dd6343ed20b11bb6316d83e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 23:13:54 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 31 Aug 2021 03:04:49 GMT
server: Lego Server
age: 0
etag: "612d9c51-1762"
content-type: image/png
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13582269132806221687
accept-ranges: bytes
content-length: 5986
expires: Mon, 06 Nov 2023 23:13:54 GMT

GET
H2 200 logo-newsplus-1.png
p1.isanook.com/ns/0/uc/1/6394/ 4 KB
4 KB 24ms
22ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/ns/0/uc/1/6394/logo-newsplus-1.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 36db92b8e96692847e55ba1b69d74a882910fa6837b4c83f62b3af965024bcdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:34:26 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 31 Aug 2021 03:17:09 GMT
server: Lego Server
age: 0
etag: "612d9f35-fb6"
content-type: image/png
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17852974729887648797
accept-ranges: bytes
content-length: 4022
expires: Sat, 11 Nov 2023 23:34:26 GMT

GET
H2 200 sn-appstore.png
s.isanook.com/fi/0/2/di/ 5 KB
5 KB 7ms
7ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/2/di/sn-appstore.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 116b85d71cf9a85a2acb814c0880d355d79d1d41272d1eb43cdfed7b9b1347c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:49:10 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 22 Sep 2015 09:58:55 GMT
server: Lego Server
age: 0
etag: "5601265f-121b"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 982562007273487833
accept-ranges: bytes
content-length: 4635

GET
H2 200 sn-playstore.png
s.isanook.com/fi/0/2/di/ 6 KB
6 KB 24ms
23ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/2/di/sn-playstore.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4ea87a36bed248e15fb875ffaba16f1151ba61bd078e0e4c06bf03c59f568a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 11 May 2023 09:08:03 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 22 Sep 2015 09:58:55 GMT
server: Lego Server
age: 0
etag: "5601265f-173f"
content-type: image/png
x-nws-log-uuid: 3748784047563664099
accept-ranges: bytes
content-length: 5951

GET
H2 200 jquery-2.1.4.min.js Show response
p1.isanook.com/de/0/shared/js/vendors/ 82 KB
29 KB 18ms
8ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/js/vendors/jquery-2.1.4.min.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 04:01:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:20 GMT
server: Lego Server
age: 2028750
etag: "64daf638-14978"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9788054881341439152
accept-ranges: bytes
content-length: 29560
expires: Tue, 31 Oct 2023 04:01:12 GMT

GET
H2 200 boilerplate-10bac2e7669eb31720cb.js Show response
p1.isanook.com/de/0/shared/js/ 128 KB
35 KB 17ms
7ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/js/boilerplate-10bac2e7669eb31720cb.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8fc376a243a87db42864c584fa535eccdb58a1444b603028a6b703f7f509f2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:05:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 131062
server: Lego Server
age: 0
etag: "653242fc-1fff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 416888704947263790
accept-ranges: bytes
content-length: 35732
expires: Mon, 20 Nov 2023 02:05:39 GMT

GET
H2 200 vendors-7d6a3d4882c34f966f58.js Show response
p1.isanook.com/de/0/shared/js/ 128 KB
37 KB 18ms
8ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/js/vendors-7d6a3d4882c34f966f58.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 019425994d897f9738178a0c5372fda69299f94fb259558b43d18d1ced487d45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:08:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:20 GMT
server: Lego Server
age: 730636
etag: "64daf638-1ffb2"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15821614146912964311
accept-ranges: bytes
content-length: 37473
expires: Thu, 12 Oct 2023 22:08:57 GMT

GET
H2 200 main-f1cd62a2abc900c4b6f0.js Show response
p1.isanook.com/de/0/shared/js/ 34 KB
9 KB 16ms
7ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/js/main-f1cd62a2abc900c4b6f0.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a211849729500f9a8571ca79dafb21c85188cd306c3224943c2a44110739805d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 23:18:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 35058
server: Lego Server
age: 265254
etag: "6524bc41-88f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3599420056285081090
accept-ranges: bytes
content-length: 9158
expires: Fri, 10 Nov 2023 06:30:46 GMT

GET
H2 200 news-91454fa4728a6ce3a4f7.js Show response
p1.isanook.com/de/0/shared/js/ 39 KB
9 KB 17ms
8ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/js/news-91454fa4728a6ce3a4f7.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ef7af2ead5c6192227c5081a447225293188cca91cbe1c3be73a94b5d39345bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:45:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:20 GMT
server: Lego Server
age: 1176421
etag: "64daf638-9ade"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12439022354620041117
accept-ranges: bytes
content-length: 9259
expires: Mon, 02 Oct 2023 02:45:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
92 KB 173ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27b7a3bbee59f09c009e2c553977892aab4a00b052e2132e41beaab17b5a786e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94244
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 01:53:13 GMT

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
25 KB 2373ms
188ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 01:53:15 GMT
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25278
Expires: Sat, 02 Dec 2023 01:53:15 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 48ms
8ms Script
application/javascript 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:14:44 GMT
content-encoding: gzip
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 74310
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: M-izERuPZCv_ZNkC-uWEJ4IZU0lxdr8_jw8LS2rbnvhPy7p6NEJi1w==

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 580ms
187ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 487683ad995c751b97a0a768c031b0475d523cae89d87f1c483768483b0db00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:13 GMT
last-modified: Thu, 26 Oct 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Thu, 9 Nov 2023 1:53:13 GMT

GET
H2 200 sanook-type.svg
p1.isanook.com/de/0/shared/di/global-hf/ 4 KB
2 KB 10ms
8ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/shared/di/global-hf/sanook-type.svg
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/cs/base.1.0.91.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cb90079169f3de2531c97cee22810e597e68b3b2e2bb088158cfabd6a14c44dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/shared/cs/base.1.0.91.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 09:58:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 12 Oct 2023 11:29:04 GMT
server: Lego Server
age: 0
etag: W/"6527d880-1180"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 7953373012382205458
accept-ranges: bytes
content-length: 2109
expires: Sun, 12 Nov 2023 09:58:08 GMT

GET
H2 200 s-news.png
p1.isanook.com/de/0/custom/news/img/ 2 KB
2 KB 22ms
21ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/custom/news/img/s-news.png
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c444e0f2a604b12936055c0592cfb020fcb415b601acfbdc64c3ca921a4f7af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 09:14:15 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "653242f7-913"
content-type: image/png
x-nws-log-uuid: 11188950731794585414
accept-ranges: bytes
content-length: 2323
expires: Tue, 21 Nov 2023 09:14:15 GMT

GET
H2 200 base-icon-v1.39.ttf
p1.isanook.com/de/0/shared/fo/ 51 KB
31 KB 27ms
11ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/fo/base-icon-v1.39.ttf
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ae5950d0a8356c2450cb6e7429f5ea205bfaf5a0b6cecff3102eb3b16daf821c

Request headers

Referer: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 03:28:56 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 15 Aug 2023 03:51:20 GMT
server: Lego Server
age: 0
etag: W/"64daf638-cb90"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6910001767200444946
accept-ranges: bytes
content-length: 30987
expires: Mon, 09 Oct 2023 03:28:56 GMT

GET
H2 200 SukhumvitReg.ttf
p1.isanook.com/de/0/shared/fo/ 82 KB
41 KB 27ms
12ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/fo/SukhumvitReg.ttf
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: eee9e04c302e2647530b33bbe8a77410a1f783e79f9ae4fc0cab660752dd3393

Request headers

Referer: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:45:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 08 Aug 2016 04:12:59 GMT
server: Lego Server
age: 0
etag: W/"57a806cb-146f0"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13001736872257673996
accept-ranges: bytes
content-length: 41744
expires: Tue, 28 Nov 2023 11:45:04 GMT

GET
H2 200 banner-lottoStat.png
p1.isanook.com/de/0/custom/news/img/lotto/ 20 KB
20 KB 14ms
8ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/custom/news/img/lotto/banner-lottoStat.png
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 930f5f85ad94ed04369f882ede2b02d0f01ae66d1a48bc2897b746f3f85e4ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 07:16:52 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 20 Oct 2023 09:05:59 GMT
server: Lego Server
age: 0
etag: "653242f7-5127"
content-type: image/png
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12472979725709245387
accept-ranges: bytes
content-length: 20775
expires: Thu, 23 Nov 2023 07:16:52 GMT

GET
H2 200 sym_girl.svg
p1.isanook.com/de/0/custom/news/img/ 17 KB
2 KB 12ms
7ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/custom/news/img/sym_girl.svg
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6b958b7fee537b2763340f7aa58e63c8e9f184f0c03c3c095feb61b46d3c70d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 07:16:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 20 Oct 2023 09:06:00 GMT
server: Lego Server
age: 0
etag: W/"653242f8-4299"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6623964357059007131
accept-ranges: bytes
content-length: 2327
expires: Thu, 23 Nov 2023 07:16:53 GMT

GET
H2 200 sym_man.svg
p1.isanook.com/de/0/custom/news/img/ 3 KB
2 KB 12ms
7ms Image
image/svg+xml 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/custom/news/img/sym_man.svg
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 10f9d0a64cb2a08feccd42520c736f440fe41a5a1238e454649e2cf6bd409370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 07:22:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 25 Oct 2023 10:42:18 GMT
server: Lego Server
age: 0
etag: W/"6538f10a-b22"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6811307743780708705
accept-ranges: bytes
content-length: 1388
expires: Wed, 29 Nov 2023 07:22:22 GMT

GET
H2 200 bg-dream.jpg
p1.isanook.com/de/0/custom/news/img/ 6 KB
7 KB 11ms
8ms Image
image/jpeg 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/custom/news/img/bg-dream.jpg
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f2988b8970f25baff05fc89f3aeaec2781b8685c980a8ebfc43e77b42302d671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/custom/news/cs/theme.2.3.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:48:15 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 20 Oct 2023 09:05:59 GMT
server: Lego Server
age: 0
etag: "653242f7-1997"
content-type: image/jpeg
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17041555292591094453
accept-ranges: bytes
content-length: 6551
expires: Sun, 19 Nov 2023 09:48:15 GMT

GET
H2 200 arr-up.png
p1.isanook.com/de/0/shared/di/global-hf/ 5 KB
5 KB 12ms
12ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.isanook.com/de/0/shared/di/global-hf/arr-up.png
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/cs/base.1.0.91.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: bd5a2a936f143a7799ffb4d0879a763352352ce75a1f222a6ffaba8eb28c8e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p1.isanook.com/de/0/shared/cs/base.1.0.91.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 15:40:19 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 20 Oct 2023 09:06:03 GMT
server: Lego Server
age: 0
etag: "653242fb-1364"
content-type: image/png
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 18386875812129665701
accept-ranges: bytes
content-length: 4964
expires: Wed, 22 Nov 2023 15:40:19 GMT

GET
H2 200 SukhumvitBold.ttf
p1.isanook.com/de/0/shared/fo/ 88 KB
43 KB 9ms
9ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.isanook.com/de/0/shared/fo/SukhumvitBold.ttf
Requested by: Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cfe18f4a59d4805361b5a8343617e7a707732b9de4540acfd8a1146e40ce98b5

Request headers

Referer: https://p1.isanook.com/de/0/shared/cs/fonts.1.0.21.css
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 02:06:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 08 Aug 2016 04:12:59 GMT
server: Lego Server
age: 0
etag: W/"57a806cb-16080"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4109523820533382953
accept-ranges: bytes
content-length: 43607
expires: Wed, 22 Nov 2023 02:06:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 32ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c98853801b436a4294533074fc2d83f42d55f4addfcdd113511afbc802731d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 01:53:13 GMT
content-md5: 4z0aUHLp95LGzJ050XhgWg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: 0jCv7CgnrLNHhW1AE9YM6YWM5U3lyJ6OUNUE7SwdJkOXnJrqnABY28GRXxargHugXJkKw5D31umQhHJ6sPeLTA==
x-fb-content-md5: 763f78ec48e16985a85267c0654f1c33
cross-origin-opener-policy: same-origin-allow-popups
etag: "5b0dbd2f12bef2ad8f1b4bdbc846cd42"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 02 Nov 2023 01:57:25 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
223 B 8ms
8ms Image
text/plain 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698889993643&ns_c=UTF-8&c7=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&c8=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%20%E0%B8%87%E0%B8%A7%E0%B8%94%201%20%E0%B8%9E%E0%B8%A4%E0%B8%A8%E0%B8%88%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A2%E0%B8%99%202566&c9=
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:13 GMT
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: kIK56vW7_sdcN5_QKPfinI0WU4w8n-c0lmip65RBChteh0-_25Re7g==
x-cache: Miss from cloudfront

GET
H2 200 978.js Show response
s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/ 39 KB
10 KB 7ms
6ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/978.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/consent-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d8ff49ca20ca275a1ed182bd6febb6928496433847dfb3f08a6d77f20f9ebc65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 39561
server: Lego Server
age: 3351
etag: W/"63be369e-9a89"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 9734521302833886574
accept-ranges: bytes
content-length: 10300
expires: Sat, 11 Nov 2023 02:49:00 GMT

GET
H/1.1 200
OK hub.html Show response
www.sanook.com/cross-storage/ Frame DC1A 3 KB
2 KB 1276ms
196ms Document
text/html 61.91.93.41
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/cross-storage/hub.html

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/consent-banner.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

61.91.93.41 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-41.static.asianet.co.th

Software

nginx /

Resource Hash

f110b9d9c8e7da0cdb2a30205d2a49eb990fcd54c47ae0f895aa6a2b790c4f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=2592000 public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Nov 2023 01:53:14 GMT
Expires: Sat, 02 Dec 2023 01:53:14 GMT
Last-Modified: Thu, 26 Jan 2023 08:45:28 GMT
Proxy-Cache-Status: HIT
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H2 200 / Show response
graph.facebook.com/ 251 B
628 B 61ms
37ms Script
text/javascript 2a03:2880:f084:10d:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&callback=jQuery214035212950378597996_1698889993581&_=1698889993582

Requested by

Host: p1.isanook.com
URL: https://p1.isanook.com/de/0/shared/js/vendors/jquery-2.1.4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:10d:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cb7a80591352d974326100c904af29211beac8784d368db93934d8750a9d753

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date: Thu, 02 Nov 2023 01:53:13 GMT
x-fb-rev: 1009630348
alt-svc: h3=":443"; ma=86400
content-length: 194
pragma: no-cache
x-fb-debug: urpaC8PBxh7n2glQ12EriXuc1c0d9tRz31Qh+esrveWO+A333EQZtUaqwfB4T/B9NkRvA+EK0VMq1nNObl+COg==
x-fb-trace-id: FegBLl7oPRs
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AH8vQ1JYYcZAWzhfKUlgN-H
cache-control: no-store
facebook-api-version: v12.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 425 KB
133 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54878
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136288
x-xss-protection: 0
server: cafe
etag: 17302374607849014435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 10:38:35 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=059932f90036b7bb23b1bb447bed6ff4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a67a56885890e6859e090efe3b115f26ab051459f1b910353484bef910716fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://news.sanook.com/
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 01:53:13 GMT
content-md5: iX/EfVMi9kXvvsdoNqW6IA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: 3hdZplcumrZGs+L2iSwMXGSxE7vBcL4H5wwYIcaWQRJkFAiIQ9BajSt+vq3Ry1DeiU2+gYB1F6ldsaRGEqullw==
x-fb-content-md5: d1c2ea4bbf90d55b9880859d0bac3bde
cross-origin-opener-policy: same-origin-allow-popups
etag: "41d288ed815b99e4a4728be435962305"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Oct 2024 23:34:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06ebe103a8a51dbe2bf016993dd31342eab60bcca80b476efe211c7e1c3fecb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 01:53:13 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 3 KB
2 KB 145ms
48ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1698889993777&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&bttype=purchase&auid=936827614.1698889994&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4df7ab3719f21d9c68d3009cbc8ca8c6dfebdbe8292c4aa5da2f8bda99f5e55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1701
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 183ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1698889993790&cv=11&fst=1698889993790&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&auid=936827614.1698889994&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da9035bae86e9fe67621d3e2b5982354303460daf89aebae513b0d9f3cab107b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 01:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 101
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 Nov 2023 03:51:32 GMT

GET
H2 200 342.js Show response
s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/ 6 KB
2 KB 7ms
6ms Script
application/javascript 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/342.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/consent_banner/consent-banner-v1.0.52/consent-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a9e9c736a4e5c6e6da730ffb1a1081cfcad2fd23eeadd93a170c2016fd11c46f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:55 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 5666
server: Lego Server
age: 3349
etag: W/"63be369e-1622"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 12771118130149664016
accept-ranges: bytes
content-length: 1512
expires: Sat, 11 Nov 2023 02:49:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 104ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3au1v888883767z877572129&_p=312719589&_gaz=1&gcd=11l1l1l1l1&cid=793066519.1698889994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&sid=1698889993&sct=1&seg=0&dt=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%20%E0%B8%87%E0%B8%A7%E0%B8%94%201%20%E0%B8%9E%E0%B8%A4%E0%B8%A8%E0%B8%88%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A2%E0%B8%99%202566&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_category=lotto&ep.user_session_id=1698889993767.nkvkf8c9&ep.content_channel=news&ep.content_page_format=categorypage&ep.adblock_tracker=false&epn.user_non_personalized_ads=3&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 161ms
52ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=793066519.1698889994&gtm=45je3au1v888883767z877572129&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 174ms
62ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=793066519.1698889994&gtm=45je3au1v888883767z877572129&aip=1&z=1787983278

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 227ms
107ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6932e7a8a7d63e939a4872b9183a086dcc00afa50075f313901aea36374ec166

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oZ8A7Bx2hrZQapg-j6c63g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oZ8A7Bx2hrZQapg-j6c63g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=12...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2F...
https://www.google.de/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fn...

42 B
108 B

66ms
66ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&auid=936827614.1698889994&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE82SHFnWVE2N0Q5cjdtVnN1bEJFaVVBVUtxaUpLN0oxWkhDWGVBTWJfS24xdy0xR0R0ZjFhalNpeFBISEVtOG16Szd2Yi1OGlhDaEVJOE82SHFnWVF0dS02eHZYVTRNN3pBUkl0QUJTYy0xYkx2cXUtMGVpcmt6ZlVIVERPV1ZHM3dBcDZWZ2VJQ2ZEVHpKX0NOaEwxRWNEWFlWeV9FbHUyIhMImaTltJqkggMVPJ_9Bx13nwQk&is_vtc=1&ocp_id=CQFDZdn7Nry-9u8P976SoAI&cid=CAQSGwDICaaNBLl5nAVSNwBx_g-2Ds_yPZ0bjwTnbg&eitems=ChEI8O6HqgYQrtiO1bqf5Z6BARIdAOvfYP5mjjXmM3xfCP-Ha0_sKGfUKPHqLyIZPSY&random=136702661&ipr=y

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1007499765/?random=1625401677&cv=11&fst=1698889993777&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&value=0&auid=936827614.1698889994&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE82SHFnWVE2N0Q5cjdtVnN1bEJFaVVBVUtxaUpLN0oxWkhDWGVBTWJfS24xdy0xR0R0ZjFhalNpeFBISEVtOG16Szd2Yi1OGlhDaEVJOE82SHFnWVF0dS02eHZYVTRNN3pBUkl0QUJTYy0xYkx2cXUtMGVpcmt6ZlVIVERPV1ZHM3dBcDZWZ2VJQ2ZEVHpKX0NOaEwxRWNEWFlWeV9FbHUyIhMImaTltJqkggMVPJ_9Bx13nwQk&is_vtc=1&ocp_id=CQFDZdn7Nry-9u8P976SoAI&cid=CAQSGwDICaaNBLl5nAVSNwBx_g-2Ds_yPZ0bjwTnbg&eitems=ChEI8O6HqgYQrtiO1bqf5Z6BARIdAOvfYP5mjjXmM3xfCP-Ha0_sKGfUKPHqLyIZPSY&random=136702661&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
455 B 181ms
67ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1698889993790&cv=11&fst=1698886800000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&fmt=3&is_vtc=1&cid=CAQSGwDICaaNpYidHq7Jab-6r1DvQl1MAA9XtfQilA&random=2606410249&rmt_tld=0&ipr=y

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/408516141/ 42 B
154 B 120ms
63ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/408516141/?random=1698889993790&cv=11&fst=1698886800000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&frm=0&tiba=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A&fmt=3&is_vtc=1&cid=CAQSGwDICaaNpYidHq7Jab-6r1DvQl1MAA9XtfQilA&random=2606410249&rmt_tld=1&ipr=y

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 61ms
60ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=312719589&t=pageview&_s=1&dl=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&ul=en-us&de=UTF-8&dt=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%20%E0%B8%87%E0%B8%A7%E0%B8%94%201%20%E0%B8%9E%E0%B8%A4%E0%B8%A8%E0%B8%88%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A2%E0%B8%99%202566&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1696811936&gjid=2123638917&cid=793066519.1698889994&tid=UA-8147095-6&_gid=1508752815.1698889994&_r=1&_slc=1&gtm=45He3au1n81PNXLXRSv77572129&cd3=lotto&cd4=0&cd12=1698889993793.1m139yc7&cd22=news&cd23=categorypage&cd36=lotto&cd43=0&cd44=3&gcd=11l1l1l1l1&z=686848277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
292 B 187ms
187ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=rGYKPSf7QcYV34l6e4YLTA%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=4394C090.1&fp=d&fv=-&truehitspage=sanook.news.lotto&truehitsurl=https%3a//news.sanook.com/lotto/?utm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&async=1
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 55ms
55ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=793066519.1698889994&jid=1696811936&gjid=2123638917&_gid=1508752815.1698889994&_u=YADAAEAAAAAAACAEK~&z=2138537161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa4eec3386692a962a326b64dd7e3d82f83d06d53ae07baeb1c637ded21a1b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 01:53:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
64ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=793066519.1698889994&jid=1696811936&_u=YADAAEAAAAAAACAEK~&z=525579325

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
62ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=793066519.1698889994&jid=1696811936&_u=YADAAEAAAAAAACAEK~&z=525579325

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 38ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3au1v9134475311&_p=312719589&_gaz=1&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=793066519.1698889994&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&dt=%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%20%E0%B8%87%E0%B8%A7%E0%B8%94%201%20%E0%B8%9E%E0%B8%A4%E0%B8%A8%E0%B8%88%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A2%E0%B8%99%202566&sid=1698889994&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=lotto&ep.ua_dimension_4=0&ep.ua_dimension_12=1698889993793.1m139yc7&ep.ua_dimension_22=news&ep.ua_dimension_23=categorypage&ep.ua_dimension_36=lotto&ep.ua_dimension_43=0&ep.ua_dimension_44=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 53ms
52ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=793066519.1698889994&gtm=45je3au1v9134475311&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
64ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=793066519.1698889994&gtm=45je3au1v9134475311&aip=1&z=902829011

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUudUiNstRsupC-cI40phVNDI7_m024bjSK5vMoPyEQne9wwa_IpO5Ct4k2GGnzn8bh2KVitKe5JY94jzhQnCxfiEUuywZR0CC6LA8dA6IDIQQb-sGTnJ9lHldBlPA21nH7aEupoQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUudUiNstRsupC-cI40phVNDI7_m024bjSK5vMoPyEQne9wwa_IpO5Ct4k2GGnzn8bh2KVitKe5JY94jzhQnCxfiEUuywZR0CC6LA8dA6IDIQQb-sGTnJ9lHldBlPA21nH7aEupoQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODg5OTk0LDM2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXdzLnNhbm9vay5jb20vbG90dG8vIixudWxsLFtbOCwiVnVjbGtTTkRqelEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMxuTrmCNaSqf6KHyT_r6kwj793d2Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c37c9c6c960f80e50e2952ffcf4f801b6a5e19e59b35dcb948c6756762a5a995

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oLcS7L7WC3ldhus4cb8xig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-oLcS7L7WC3ldhus4cb8xig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 58ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:53:14 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 35ms
7ms Script
text/javascript 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:49:30 GMT
content-encoding: gzip
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 72225
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: MGvF5i58QTq96DcR0WXz8m43MmtFkljbYVR_a2ZB4ohjcQGEryaNBQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 54ms
7ms Script
text/javascript 2600:9000:2250:9e00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9e00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Wed, 01 Nov 2023 10:00:04 GMT
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 62700
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: IrRmtSGadvONcFt5lYARxIKWyA2MHUc54ibL_kjDO09Nm2_4czYoAA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 50ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:08:06 GMT
content-encoding: gzip
age: 510308
x-guploader-uploadid: ABPtcPo0EtTFY7fWGwfH7YcFpkKhyxlIy8AKei3hIiamRpXW1UUlNwTbcJ7u7ADJOjBFaq-z8Y2OubPY6SA1WObOmaOYZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 26 Oct 2024 04:08:06 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 63ms
26ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: AZKHMN3J5641D79A
age: 1255
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81f8be215b7018d2-FRA
x-amz-id-2: YY4ezUb+Muw1VQU1aI5EgLP88wpJNBo+MUdVwQr7NiV/iORInFjKJJUHg1PFn8mGwE0HwKVkR34=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 67ms
19ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 556
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220064-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3bXax%2F8p3Eah9KOhDYTQ4Kpppi%2FT9ULBGVhJpOHoT2uql8qdHe6QBuI%2FYPgCCUTBKaJhlF7e1V51oZGxnQk6TPOboRUfaL5BtktJMwj7ygsi3%2BJNOhhsn8obYZppu70P5DojjcFB0TciHxT0zU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f8be2168099137-FRA

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
977 B 143ms
142ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3201505007165595&correlator=1926178693545686&eid=31079300%2C31079321&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&us_privacy=1---&npa=1&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Clotto%2Ccategorypage%2Cthemead%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6&prev_iu_szs=1150x100%2C300x250%7C257x240&ifi=1&didk=681235838~1377021228&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698889994407&lmt=1698889994&adxs=225%2C1020&adys=40%2C1915&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&vis=1&psz=1150x0%7C349x0&msz=1150x0%7C300x0&fws=0%2C0&ohw=0%2C0&ga_vid=793066519.1698889994&ga_sid=1698889994&ga_hid=312719589&ga_fc=true&dlt=1698889992528&idt=1402&adks=122339265%2C3560875007&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716757d1c8e283308a2c85d78d532fe4e70aad854eff8ed91e954eb30cd8dd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 471
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0799 6 KB
3 KB 202ms
60ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 01:53:14 GMT
expires: Fri, 01 Nov 2024 01:53:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 112ms
32ms XHR
application/json 34.249.63.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.63.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-63-196.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 22604ffe6249b471f79286c1c85b22ea8799ddf894a0b7b29c31f18c0540c4d6

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://news.sanook.com
cache-control: no-cache
x-server: 10.45.3.168
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 AGSKWxXhcRlJO66fMIU6xG1qhxwsbT_b_tqiRJgeGcOtFhNdOJSTVGp6XiaXEXelQN4KajbnoAU8u2wOQGx2-7RkA5nCus1d0y1AVBHFZK-lfELPFrBqSyyapA7Flcuegi6Fwgc0B1GqXA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 102ms
101ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXhcRlJO66fMIU6xG1qhxwsbT_b_tqiRJgeGcOtFhNdOJSTVGp6XiaXEXelQN4KajbnoAU8u2wOQGx2-7RkA5nCus1d0y1AVBHFZK-lfELPFrBqSyyapA7Flcuegi6Fwgc0B1GqXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODg5OTk0LDQ2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9uZXdzLnNhbm9vay5jb20vbG90dG8vIixudWxsLFtbOCwiVnVjbGtTTkRqelEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0042ddc6f8698240662fefdd47853150b73d445cc672f3a680ef9d198827f51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bYPw1Kf6jjmNWbS-6-bO6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bYPw1Kf6jjmNWbS-6-bO6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp&cc=1

85 B
194 B

116ms
115ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp&cc=1
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7e7006342d8d8471d2eb8dd8c94b64203821a3ade016f2421eee4d30fbca8988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-/jMekacrxr+KrRbgDIoz/gQxPEM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.sanook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 02 Nov 2023 01:53:14 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://news.sanook.com
location: /esp?url=https%3A%2F%2Fnews.sanook.com%2Flotto%2F%3Futm_source%3Demail-lotto%26utm_medium%3Demail%26utm_campaign%3Dedm-mail-lotto&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
231 B 31ms
7ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://news.sanook.com
date: Thu, 02 Nov 2023 01:53:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 061C 0
176 B 62ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 02 Nov 2023 01:53:14 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 15 KB
16 KB 26ms
26ms Image
image/png 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f76b54967b2cafb148e45ef0db41343de2467ed970923f1b73d547a2475f5a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:18 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"PSA-aj-BvEsABvVBU"
content-type: image/png
access-control-allow-origin: *
x-nws-log-uuid: 7932175445545300671
accept-ranges: bytes
content-length: 15754
expires: Thu, 12 Oct 2023 03:46:17 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 9ms
8ms Font
font/woff2 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://news.sanook.com/
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:41:18 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 12 Oct 2023 02:58:39 GMT
server: Lego Server
age: 219
etag: "652760df-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 11275535203744754134
accept-ranges: bytes
content-length: 32244

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 7ms
6ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://news.sanook.com/
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 12 Oct 2023 02:58:39 GMT
server: Lego Server
age: 0
etag: W/"652760df-7a90"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 12242281034517872214
accept-ranges: bytes
content-length: 31404

GET
H2 200 base-icon-v1.0.39.woff2
s.isanook.com/sr/0/fonts/icon/ 37 KB
37 KB 7ms
7ms Font
application/octet-stream 43.152.26.197
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.39.woff2
Requested by: Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: beb6d8bf79e492a84adf9823f91f1f9bc10e8186df99385c736894c4e6f7fac2

Request headers

Referer: https://news.sanook.com/
Origin: https://news.sanook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:44:30 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 12 Oct 2023 02:58:38 GMT
server: Lego Server
age: 0
etag: W/"652760de-9384"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 17432976239795017926
accept-ranges: bytes
content-length: 37738

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 10BC 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.sanook.com&us_privacy=1---&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 01:53:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 312647
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 10BC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=news.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=BkcCs3xNaThLK2hNc1BWOHB4TzJLdjNjZHFpamoyZUc1RWJwS1Rxc0wwRkVOM1ppMkMxQmMrWXdrSVkvTUJ5R0QxTkRMUWs4RTdid1hLSjk4WGhtdklNRXRMalM1NldiZVdmQ3NpUCs3VG5oV01nY05wYk1JOW1OcFRSbz...

431 B
653 B

16ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BkcCs3xNaThLK2hNc1BWOHB4TzJLdjNjZHFpamoyZUc1RWJwS1Rxc0wwRkVOM1ppMkMxQmMrWXdrSVkvTUJ5R0QxTkRMUWs4RTdid1hLSjk4WGhtdklNRXRMalM1NldiZVdmQ3NpUCs3VG5oV01nY05wYk1JOW1OcFRSbzlhcTZ6cXhTeFRJM1d2aGJKVlBLYkN2WDI3bUJhYVMxak8yckx2K211dkdYMUxCNkczbEtBQUFyQWxHeVBhUDhZdVNsOU91L0tod01rOEZ3eGVhSVJaa1JxQ3VZZjczRTE4Nk51SnNsT2xyaHJGNW9HcmUxNisyU0dMRDkxR1AxcUpVdmlGOVBMRzRqMnhmRmt3a0RYRTVESDM2SU81dz09fA&cppv=2

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a2417f76b87a6dfadbcd6db5bb515726be2674f6d928db17faa4b0eb7b8697f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1133396
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 01:53:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=BkcCs3xNaThLK2hNc1BWOHB4TzJLdjNjZHFpamoyZUc1RWJwS1Rxc0wwRkVOM1ppMkMxQmMrWXdrSVkvTUJ5R0QxTkRMUWs4RTdid1hLSjk4WGhtdklNRXRMalM1NldiZVdmQ3NpUCs3VG5oV01nY05wYk1JOW1OcFRSbzlhcTZ6cXhTeFRJM1d2aGJKVlBLYkN2WDI3bUJhYVMxak8yckx2K211dkdYMUxCNkczbEtBQUFyQWxHeVBhUDhZdVNsOU91L0tod01rOEZ3eGVhSVJaa1JxQ3VZZjczRTE4Nk51SnNsT2xyaHJGNW9HcmUxNisyU0dMRDkxR1AxcUpVdmlGOVBMRzRqMnhmRmt3a0RYRTVESDM2SU81dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 223840
content-length: 0
expires: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 72ms
71ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.891210372667351

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QI0T8mQ-fM-xf_gKfoaX_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-QI0T8mQ-fM-xf_gKfoaX_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 113ms
112ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.0096284889049967

Requested by

Host: news.sanook.com
URL: https://news.sanook.com/lotto/?utm_source=email-lotto&utm_medium=email&utm_campaign=edm-mail-lotto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-whgjxB1TAFm-vkBYZt5G-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-whgjxB1TAFm-vkBYZt5G-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 228ms
109ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_JuuK_78Dk9rI0RbeAn2Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_JuuK_78Dk9rI0RbeAn2Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://news.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 177ms
66ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaeb12bd2e83735c3d38ca2b8e738d434d2a8c62135679534d1579ef37f4a003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 196ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 01:53:16 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxV_IbZh9EteJuiK6hmLjTHIDrTezaep1jUu6sjfLxUIYQ7qegzMhVSgC93PAJoMOGcekdU6xFS70iuT004spraGKROZZRDaHfrwlZfzw3SgcH-ayf6LWpAe5qizLqjCgOM4A6y_O3B1ogAsCR10ZAzTnAgNd... 54 B
109 B 81ms
81ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV_IbZh9EteJuiK6hmLjTHIDrTezaep1jUu6sjfLxUIYQ7qegzMhVSgC93PAJoMOGcekdU6xFS70iuT004spraGKROZZRDaHfrwlZfzw3SgcH-ayf6LWpAe5qizLqjCgOM4A6y_O3B1ogAsCR10ZAzTnAgNdXkdVl3mV41AlOYId2vZYE7mlXyuwiUW/_/home_adv./background_ad_/acc_random=/ad/adp_-ads-master/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VuclkSNDjzQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwgkYQDBmpSpY6NlaVIC45GJoul3g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d62210989c931295394599ceb815aa2df976b180a0d77e4a11d6446618497f6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--JOLSvmFnAHIhtYSX-Zn0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: script-src 'report-sample' 'nonce--JOLSvmFnAHIhtYSX-Zn0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 156ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a04ebf8435e0b44fbbce567d7270f0fa0c735c78c034e0753d543da2df01150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30931
x-xss-protection: 0
server: cafe
etag: 10546643742876388082
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:08:46 GMT

POST
H3 204 AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
70ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I90xvjceE7I7icqJ5fv5-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I90xvjceE7I7icqJ5fv5-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://news.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3046 13 KB
5 KB 60ms
56ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8575 829 B
981 B 65ms
63ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e0b970b1246079e8c5a4bee1555a2d595fd3982ba0780cfaa3d258a48076e32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G4IYC8RzowsqN3Q9vrsgWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-G4IYC8RzowsqN3Q9vrsgWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 01:53:16 GMT
expires: Thu, 02 Nov 2023 01:53:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
70ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NM6zzzUAoNVLqPr6GhY3Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NM6zzzUAoNVLqPr6GhY3Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://news.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8575 0
0 85ms
84ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=3201505007165595&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3046 38 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

POST
H3 204 AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
71ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1_trqZj45VHnJOiNXzeR3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1_trqZj45VHnJOiNXzeR3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://news.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 104ms
104ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVrmxes5NMrS2hs0ZbGWwa_hWr8a1mnssUjYzjZ_b1lm0VXbiWcVxTAi4gD7HolWvjIdZP0rFW1yO8IweRtr7k5qfs2LFvCRvNtNlyzZzYT9oXk193rQNRpZODqLuMhapGJp2mqAw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sw4QzXvoCxMOlVmZ79ueVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-Sw4QzXvoCxMOlVmZ79ueVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://news.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxURMbHfDDZvyoqr0zLGY9ZbPHbqEej-y1SQ_MrmWOkA_23K_qEkm9U2NvYHGB0iWZH3TWJMi7N1Er-Cd4grNhym0JDMLuBdaOWiebLbOCZmEJAo7-IP585Tmzh2hULOKm5IvZvJFw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 95ms
95ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxURMbHfDDZvyoqr0zLGY9ZbPHbqEej-y1SQ_MrmWOkA_23K_qEkm9U2NvYHGB0iWZH3TWJMi7N1Er-Cd4grNhym0JDMLuBdaOWiebLbOCZmEJAo7-IP585Tmzh2hULOKm5IvZvJFw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODg5OTk2LDUzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmV3cy5zYW5vb2suY29tL2xvdHRvLyIsbnVsbCxbWzgsIlZ1Y2xrU05EanpRIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf655243fbd19d87ce2fd2786bdca2582e1bd5f20f9983c2c83a9e6d718aa5e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jQaFHyN5ZRcqdzcm7ZPcug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-jQaFHyN5ZRcqdzcm7ZPcug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVgaLF_0ZYiBQxMZdrgdsOdhHAt30TOSU6fAvrGDqa3S6IOaVtHddUZS42sLtkZxJgF6w4deRHW3CYpZbZv2_KiIqN4Ja6pIrMVq6EBe0SgDhyj_QFSWFNtLlwFAvJVgGWagfGrjA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
71ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVgaLF_0ZYiBQxMZdrgdsOdhHAt30TOSU6fAvrGDqa3S6IOaVtHddUZS42sLtkZxJgF6w4deRHW3CYpZbZv2_KiIqN4Ja6pIrMVq6EBe0SgDhyj_QFSWFNtLlwFAvJVgGWagfGrjA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0f-G0FuXVHXS-JYKtVMufQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.sanook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-0f-G0FuXVHXS-JYKtVMufQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://news.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3046 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KsSGsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 01:53:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
86ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=3201505007165595&bg=!7u2l7aLNAAbo5yKYyOc7ADQBe5WfOEBeGjB96Vw_oyeUCmzTf-oUQxVPJgQi_slfs15vo2F8rZDJLuTAL1b99UDnPmYnAgAAAEtSAAAACGgBB5kCyBZLq1zPn8H-WtmBQ8UEdNxOVUWEIAX0JzdcLygtFzg3nSaOL_MYsuf7RjuowzJWsGNbTxgqQD-4pDSKij4v2kh7r_LKzq6ytGCYkM2U4QkRjRstzZ2j1VY9AkKmBOS3fb7ki1bRm1sZKmxAq2-XESNScPsQePei8GR_6JdnssqhAhGlK-yDTrjsCsArMMzB2yh-BFKEW9lj__b3qwaQbQcuwDIyitwRWNWGuMO1Zw4TCED2Y6vccqMq-bh59c5oCbDRgzg1hP_sTWLxBE65bW9PSdzNabrfXKESWNzUsw86YS6Bwy10jFupyXNsKrF7Zjded54_UqnLZvf8nUzY_d3fR2IAIUykdkfszeznbqCK_JClh7Q_XRdfGEUnj7Cj9qILpOAwWWTDwTTzz7DNqohW-1OWsPn7JATK98O8k7khAuRu06PZMPiedD6JQZFgss_fPeHtMiG8dcxG8LmBGLzBeYRawXIOqHo9daXlu6qbfOjLTIS_Be5Pk5r_30iaP8UOj4HTo5lUCFes4NRFB86qM5WWvBpUDrNaEo6tGY7p6wDBcNPAg5FJyFxnjaj2ucobQ_MzKhEFaQg0pFjuh0gfHlmVwjDftLuDB2Mqq8nfAUjcNNwlPn5m3qXxUWRkfCKhmyL-x8ONk5L_cYxKQ6aUtwcTCSetMyfVn88hkbRPu1jKf9V6cO01yRhl31wEXgnJF6kcZYmaIsvAdCwSLz0sjValuDj6EpreGafRAovQ5xheDNCTV1Tq1A93U512XXb6Odw0nsGUULvLQGWk_0Cp48KkR22luZNWBvd8CoXlf5mu_8ZVGxSwUFtHsGGFIijS0pY7dPs0nh7q5IAL0S9mrC7wl5OuAmf9QCvXQNdN-jTh5voPvxCc7y9IBJX4PLID4HPdPMLWjQkwiGlwxsta2RBzhizyZFoxM3bGWTF0cHBq6wjqDLE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news.sanook.com/lotto	1969-12-31 23:59:59	Name: verify Value: test
.sanook.com/	1970-01-20 18:04:25	Name: _gcl_au Value: 1.1.936827614.1698889994
.sanook.com/	1970-01-21 01:30:49	Name: _ga_M0RYDTKBFK Value: GS1.1.1698889993.1.0.1698889993.60.0.0
.sanook.com/	1970-01-21 01:30:49	Name: _ga Value: GA1.2.793066519.1698889994
.sanook.com/	1970-01-20 15:56:16	Name: _gid Value: GA1.2.1508752815.1698889994
.sanook.com/	1970-01-20 15:54:50	Name: _gat_UA-8147095-6 Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-21 00:40:25	Name: _uid45879 Value: 4394C090.1
.sanook.com/	1970-01-20 15:54:51	Name: _ctout45879 Value: 1
.sanook.com/	1970-01-21 01:30:49	Name: _ga_17F0RQM2JW Value: GS1.2.1698889994.1.0.1698889994.60.0.0
.sanook.com/	1970-01-20 15:54:50	Name: lotame_domain_check Value: sanook.com
.doubleclick.net/	1970-01-21 01:16:25	Name: IDE Value: AHWqTUnqQNaX_R8WWrXExrwMbGxVDTtHTCQfpwLYq7ivEMASQCmVzVfx6XVf9Or1DXc
.sanook.com/	1970-01-21 01:16:25	Name: __gads Value: ID=6fbac34504218066:T=1698889994:RT=1698889994:S=ALNI_MYO9rB7PopgtG185EOBle7cfCkNMw
.sanook.com/	1970-01-21 01:16:25	Name: __gpi Value: UID=00000cb10b5767f2:T=1698889994:RT=1698889994:S=ALNI_MaY5nT4oN9nPN8eUjSBmISNj_NSmw
.openx.net/	1970-01-21 00:40:25	Name: i Value: 69905a88-5041-4e81-bea7-c562a324bb91\|1698889994
.criteo.com/	1970-01-21 01:16:25	Name: uid Value: e9462849-a0fc-4ab6-ad00-5e0afff993cd
.sanook.com/	1970-01-21 01:16:25	Name: cto_bundle Value: EubTBl9iaUcwdXVBM2hhOHNsMXR0UlV3dUF6amEydG0ya2ZLZndSZlYwSk5zT0hqcjlYbTF4eFZOUmNTdmJISEhwOCUyRnJEM2hpbDFtcjg2SkRZNzhpU1F2djdmV296UmphY0J5V2dGeTYzJTJCUWxUZzZiZVZMQld0bU5yM3lZJTJGTlhUUHYxOVBGZmYlMkZkRGgxZDUxalQ5YjlqMzFuZyUzRCUzRA
.sanook.com/	1970-01-21 00:40:25	Name: FCNEC Value: %5B%5B%22AKsRol9WFg2NdlSwtPwaKN5UGmDu6sAgPmmdpsg0cx_pjIZ8enlgJ2CTbvdWFc2sfSxepXwhIHRmJxqAjkRfNXOl7jzDKfote-5Kl1qMY7iZemnik1EUFey49DFtlNSR1XqmFBn0-U0s3iUXWFlSYpavfZ5ZBf7Gzw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://p1.isanook.com/de/0/shared/js/vendors/jquery-2.1.4.min.js(Line 2) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59d611db1c429489a78dbd7f958179d5.safeframe.googlesyndication.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
connect.facebook.net
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
id5-sync.com
lvs2.truehits.in.th
mug.criteo.com
news.sanook.com
oa.openxcdn.net
oajs.openx.net
p1.isanook.com
pagead2.googlesyndication.com
region1.analytics.google.com
s.isanook.com
sal.isanook.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
162.19.138.118
172.217.16.130
18.245.60.107
18.66.97.109
2001:4860:4802:34::36
203.151.128.160
203.154.58.214
2600:9000:2250:9e00:a:e047:753:6381
2606:4700:10::6816:3556
2606:4700::6810:5814
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f084:10d:face:b00c:0:2
34.102.146.192
34.120.107.143
34.249.63.196
35.244.159.8
43.152.26.197
61.91.93.41
61.91.94.165
019425994d897f9738178a0c5372fda69299f94fb259558b43d18d1ced487d45
06ebe103a8a51dbe2bf016993dd31342eab60bcca80b476efe211c7e1c3fecb2
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0a3c15df84795d4f89cd6aa48b72cb72195ff1b7b34cae28a6ed15f681ccdd80
0b3944e82dadd81c0975857dbf19d0ad0f4e0a5dd6343ed20b11bb6316d83e90
0c49cd09951e9ddac92877fd200c8f508b5337097f25433cd6f61f735ab4ba42
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
10f9d0a64cb2a08feccd42520c736f440fe41a5a1238e454649e2cf6bd409370
116b85d71cf9a85a2acb814c0880d355d79d1d41272d1eb43cdfed7b9b1347c3
12a4909fcf28533887b1f08874b22e9bc2ac41e1d0aea584919b1cecd90cbff4
17104e93446b886fad5b4f32d2ce1f65dc28a06c6c32261548b9df5d27f568cc
18d5be0db957e1007ae395f274f88a68b583d29c766a6c8c3c5fd3031682a3e9
198ab6303f46948f56c4c52a15e4b7dacac3dcd83c01e6cc7fec37db2ed63b5f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1e0b970b1246079e8c5a4bee1555a2d595fd3982ba0780cfaa3d258a48076e32
22604ffe6249b471f79286c1c85b22ea8799ddf894a0b7b29c31f18c0540c4d6
2516e5572d48abcb809f4494c65200253715a9f788bf8990448f76c189ae09c7
27b7a3bbee59f09c009e2c553977892aab4a00b052e2132e41beaab17b5a786e
28d0ff26ca72b17c822273703ca3644dac9442a53566d17b4ab808863542f0f8
29bb9c1f1bf858626f162cf340bdf6a420a3709ffca4f31dde33680e81068a41
2b8a3c8543f7fce085f6892084a9f689d388fef2bf2572a9343b1a216e7a900e
2d440d6dab2ecf739d751496f8e38efe197259d7a03157fcb59ee856ed2e8b2c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3186999c451d80ac8e983af9d06640162ec2a026538ebbc1b0225ee1e9e0ff7c
32452bc64693660d83eb8409e473547844a60425eb404c505866578f2c2b6f4f
36db92b8e96692847e55ba1b69d74a882910fa6837b4c83f62b3af965024bcdc
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
381866e3673743dbcb7dda015b19d35739e54c9ff2564f0b16ee9b7f2a0cbc61
39e49e61cd4248227b41db045f1b9a0ffeb952cc492c857b0b145b1f073676ef
3a04ebf8435e0b44fbbce567d7270f0fa0c735c78c034e0753d543da2df01150
3d7d65b435dd24e22534c67101ee67ea6db074cb7f7700fa7c9f2a34a3253008
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44d65bbcbfcf2791f8b47a359dced1b74a43a7ba7870ef898da6934d11cbbb6f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f25d28d35da76ee76290e04d55983b38b7848dc8e58fb33689d1d5659f8d8e
487683ad995c751b97a0a768c031b0475d523cae89d87f1c483768483b0db00c
4c17ba92b6c24ef75330146fc1d7e27ff56ebb33bb6e1e466c19d40fe836a820
4df7ab3719f21d9c68d3009cbc8ca8c6dfebdbe8292c4aa5da2f8bda99f5e55e
4e538f70902d559c5b6b87878cdc0e99b0409156e056cd739966556d75e95b73
4ea87a36bed248e15fb875ffaba16f1151ba61bd078e0e4c06bf03c59f568a03
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5cb7a80591352d974326100c904af29211beac8784d368db93934d8750a9d753
5d29f977a94cb8824fb37a0e0cc69180b57e51be7483b2e5127428d67e5ae943
5d3a0ac4191095f9e2649d9fb387a78d4aadf35226dcfba28b2c6e2c6f263215
5e85eb301700f2533bbbb668df08ec9b97ab487208b65ac8c26f69a953ad1b74
60839b9c5a396544ae7b7cbac9f25e1fa6ea79a6ce6b762de87697bb489ece9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ceb987e206dd495bddfb6bc86bd68fb92b6a995e947e59569092958a99a52
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
6932e7a8a7d63e939a4872b9183a086dcc00afa50075f313901aea36374ec166
6b958b7fee537b2763340f7aa58e63c8e9f184f0c03c3c095feb61b46d3c70d1
716757d1c8e283308a2c85d78d532fe4e70aad854eff8ed91e954eb30cd8dd51
7243699ab9965852f34304a2f569652e1952376046cca00b6f87638be081dd80
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7a0d278e742eac7de1bb8cc308e4ed310c8d33f231aafee87715c4207f3c3157
7ac6e6de3d891fb47abeee0be99e30c4e9c4b0d8e21dc1b89f016094269ac236
7b24e983660c4ef0245513980525aa296902671968a45e2e25e3f341e7675db9
7be444bbbd07a7baf13ded8d1fcd8004dcf78c3ae00baf9b4e43e2c885848cc8
7d09953a2e6a323a15c1523f5a2ec25fb4dfdfdeb87e04b09f17139424d9e238
7e7006342d8d8471d2eb8dd8c94b64203821a3ade016f2421eee4d30fbca8988
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8621b672b2e4d3c45b6350f1684635eec3df8f0594c06a1558182a89a02692f6
8b050a1f5e3e3105054c4bc3b8dbb48c45e802aee30bed9fcd3aa24e9eb6d3ae
8fc376a243a87db42864c584fa535eccdb58a1444b603028a6b703f7f509f2e9
930f5f85ad94ed04369f882ede2b02d0f01ae66d1a48bc2897b746f3f85e4ecd
94aa2a14d9d3f6bedab802151ef2b9f0990f875224dcc3b27233b7abec66a7db
96b23240ea3896e30b1b6888fa51b330c3c9ce83398838cb15a03289cbff1e7d
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
a0042ddc6f8698240662fefdd47853150b73d445cc672f3a680ef9d198827f51
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a211849729500f9a8571ca79dafb21c85188cd306c3224943c2a44110739805d
a2417f76b87a6dfadbcd6db5bb515726be2674f6d928db17faa4b0eb7b8697f5
a27a15869ad334a3a98244cdb38b6244b25fdfe44972d442056df7daaeab6e9c
a2e73caf0394257c4c4b03e700d7527f738c5c58af293081436dac1dfcbf034e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5ed1224f9ed8b1bb91aef559a21fb08bd536260a787d97f3a837c31b31f692c
a67a56885890e6859e090efe3b115f26ab051459f1b910353484bef910716fde
a9e9c736a4e5c6e6da730ffb1a1081cfcad2fd23eeadd93a170c2016fd11c46f
aa4eec3386692a962a326b64dd7e3d82f83d06d53ae07baeb1c637ded21a1b6c
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ae5950d0a8356c2450cb6e7429f5ea205bfaf5a0b6cecff3102eb3b16daf821c
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
bd5a2a936f143a7799ffb4d0879a763352352ce75a1f222a6ffaba8eb28c8e40
bd81e7c47f5441766634d2cab990230be9fad96b4c20a4be60145acee789d9f7
beb6d8bf79e492a84adf9823f91f1f9bc10e8186df99385c736894c4e6f7fac2
bf655243fbd19d87ce2fd2786bdca2582e1bd5f20f9983c2c83a9e6d718aa5e7
c37c9c6c960f80e50e2952ffcf4f801b6a5e19e59b35dcb948c6756762a5a995
c444e0f2a604b12936055c0592cfb020fcb415b601acfbdc64c3ca921a4f7af1
c851fff7907fa0824f2f3b77bc297bbd73d483ca5cd913a068f5a1453f0f5991
c98853801b436a4294533074fc2d83f42d55f4addfcdd113511afbc802731d8a
cb8374d40a133d3bdedef8fc3187054066733c7ba30e7bd2564c26a86f96fa2a
cb90079169f3de2531c97cee22810e597e68b3b2e2bb088158cfabd6a14c44dd
cfe18f4a59d4805361b5a8343617e7a707732b9de4540acfd8a1146e40ce98b5
d09c37301f66a30b88073cb7fa1de37ea3c77236ce761521bddd32113dfc4204
d139075d691ea89c7d5fdea93f5f602970eba5edb530b7c7cfcc9032378dd25d
d58b114cd652b2e462bab5c073dae26dc6e2dffef56a087492ba7f97bbf68912
d62210989c931295394599ceb815aa2df976b180a0d77e4a11d6446618497f6a
d8ff49ca20ca275a1ed182bd6febb6928496433847dfb3f08a6d77f20f9ebc65
da9035bae86e9fe67621d3e2b5982354303460daf89aebae513b0d9f3cab107b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8527a0fbd6e4ad1602119ab6f70442c01eda23eefe32d8091f283066c63a0b
e2df7bc5430ea0dfc362605746096a573db544647ff84cf4078d99356c946945
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e550ba23d089bb003f52ab354b741d4d554118f7d287f54146fecba9312e0726
e6583ed1749f64b83fd66d6c11506ec39b792ab43a86f7ccde88f2b19675c4c2
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
eaeb12bd2e83735c3d38ca2b8e738d434d2a8c62135679534d1579ef37f4a003
eee9e04c302e2647530b33bbe8a77410a1f783e79f9ae4fc0cab660752dd3393
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7af2ead5c6192227c5081a447225293188cca91cbe1c3be73a94b5d39345bc
f110b9d9c8e7da0cdb2a30205d2a49eb990fcd54c47ae0f895aa6a2b790c4f23
f2988b8970f25baff05fc89f3aeaec2781b8685c980a8ebfc43e77b42302d671
f76b54967b2cafb148e45ef0db41343de2467ed970923f1b73d547a2475f5a4e
f9daf30e4bbad3625ebd9497ddbe5713e3d4e6642b8fe05e14f256c2dced8929
fb02c37600820b6ff5b3e93046970daa531ec14628243d8d04ea564a4094b92f
fd48bac2b9d196d7754ce7502fb80c77fb23f55cf9da7c6867a8a3ef2c295f73
ff133f917d08e28e48807c837baac016f143ace3e5647ca599602aabc4e611c7

news.sanook.com Open in urlscan Pro 203.151.128.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

145 Requests

98 %HTTPS

58 %IPv6

22 Domains

35 Subdomains

31 IPs

6 Countries

1569 kBTransfer

3918 kBSize

19 Cookies

73 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news.sanook.com Open in urlscan Pro
203.151.128.160 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

98 %
HTTPS

58 %
IPv6

22
Domains

35
Subdomains

31
IPs

6
Countries

1569 kB
Transfer

3918 kB
Size

19
Cookies

145 HTTP transactions
0 data transactions