urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
203.151.128.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://webboard.news.sanook.com/forum/index.php
Effective URL: https://www.sanook.com/
Submission: On December 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 11 countries across 58 domains to perform 406 HTTP transactions. The main IP is 203.151.128.172, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 104874.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 203.151.133.19 4618 (INET-TH-A...)
5 203.151.128.172 4618 (INET-TH-A...)
4 151.101.193.44 54113 (FASTLY)
80 43.152.26.142 139341 (ACE-AS-AP...)
13 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.214 4618 (INET-TH-A...)
4 61.91.94.165 7470 (TRUEINTER...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 23.43.60.191 16625 (AKAMAI-AS)
1 172.217.18.2 15169 (GOOGLE)
3 7 2a00:1450:400... 15169 (GOOGLE)
2 18.245.60.53 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
1 11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 61.91.93.46 7470 (TRUEINTER...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 185.64.189.226 62713 (AS-PUBMATIC)
8 2a00:1450:400... 15169 (GOOGLE)
3 23.46.68.61 16625 (AKAMAI-AS)
2 104.26.6.228 13335 (CLOUDFLAR...)
1 157.240.251.35 32934 (FACEBOOK)
23 2a00:1450:400... 15169 (GOOGLE)
6 2a02:2638:3::7 44788 (ASN-CRITE...)
5 185.64.189.112 62713 (AS-PUBMATIC)
13 2a00:1450:400... 15169 (GOOGLE)
3 119.81.192.134 36351 (SOFTLAYER)
2 23.52.123.144 16625 (AKAMAI-AS)
1 4 185.89.210.122 29990 (ASN-APPNEX)
3 35.244.159.8 396982 (GOOGLE-CL...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 77.245.57.78 36057 (WEBAIR-IN...)
2 9 104.18.36.155 13335 (CLOUDFLAR...)
2 18.239.18.33 16509 (AMAZON-02)
1 2600:9000:244... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 61.91.93.45 7470 (TRUEINTER...)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
1 43.152.26.58 139341 (ACE-AS-AP...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 162.19.138.117 16276 (OVH)
2 23.52.120.246 16625 (AKAMAI-AS)
2 52.214.165.240 16509 (AMAZON-02)
40 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 2 142.250.185.98 15169 (GOOGLE)
2 52.223.40.198 16509 (AMAZON-02)
3 3 54.82.8.121 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 35.208.249.213 15169 (GOOGLE)
1 2 52.51.155.112 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
3 13.32.22.213 16509 (AMAZON-02)
1 34.107.231.31 396982 (GOOGLE-CL...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 213.202.235.8 24961 (MYLOC-AS ...)
1 54.216.8.15 16509 (AMAZON-02)
5 185.64.190.82 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
28 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 162.19.138.82 16276 (OVH)
1 18.238.243.129 16509 (AMAZON-02)
1 23.209.239.88 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.67.52 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2600:9000:236... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 52.66.55.247 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
1 193.108.153.18 20940 (AKAMAI-ASN1)
1 185.86.139.85 201081 (SMARTADSE...)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 217.182.178.224 ()
2 142.250.186.102 ()
1 2a00:1450:400... ()
406 88
1    203.151.133.19 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 19.134.151.203.sta.inet.co.th
webboard.news.sanook.com
5    203.151.128.172 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 172.128.151.203.sta.inet.co.th
www.sanook.com
graph.sanook.com
4    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
beacon.taboola.com
80    43.152.26.142 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
p3.isanook.com
13    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th
lvs2.truehits.in.th
4    61.91.94.165 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th
sal.isanook.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
4    23.43.60.191 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-191.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
www.googleadservices.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
rtbdemand.apiip.net
1    61.91.93.46 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-46.static.asianet.co.th
sloth-api.sanook.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    23.46.68.61 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-68-61.deploy.static.akamaitechnologies.com
avd.innity.net
2    104.26.6.228 (None, )

ASN13335 (CLOUDFLARENET, US)
t.ocmhood.com
1    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
23    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
13    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
2    23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com
a.teads.tv
4    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
u.openx.net
google-bidout-d.openx.net
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
9    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2447:3200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com
f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    61.91.93.45 (Bang Phli, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th
dc.sanook.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    43.152.26.58 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
img-as.fsanook.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
4    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.214.165.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
40    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
26    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    54.82.8.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-8-121.compute-1.amazonaws.com
i.liadm.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550f:5c53:f7f0:1386:5d9a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    52.51.155.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-155-112.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
3    13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    54.216.8.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-8-15.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
5    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
28    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net
config.aps.amazon-adsystem.com
1    23.209.239.88 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-239-88.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    151.101.67.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    2600:9000:236e:8400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ssrv.bidsxchange.com
2    52.66.55.247 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-66-55-247.ap-south-1.compute.amazonaws.com
ssrv-pixel.bidsxchange.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    185.86.139.85 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
1    2a02:26f0:780::5f65:36d3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    217.182.178.224 (None, )

ASN- ()
www10.smartadserver.com
2    142.250.186.102 (None, )

ASN- ()
ad.doubleclick.net
1    2a00:1450:4001:831::2006 (None, )

ASN- ()
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
84 isanook.com
s.isanook.com — Cisco Umbrella Rank: 97809
p3.isanook.com — Cisco Umbrella Rank: 122128
sal.isanook.com — Cisco Umbrella Rank: 116013
1 MB
71 googlesyndication.com
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com
946 KB
43 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143
csm.eu.criteo.net — Cisco Umbrella Rank: 9625
407 KB
37 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net
675 KB
26 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
74 KB
16 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
ut.pubmatic.com — Cisco Umbrella Rank: 7777
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
t.pubmatic.com — Cisco Umbrella Rank: 3146
260 KB
15 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
ads.eu.criteo.com — Cisco Umbrella Rank: 9522
dis.criteo.com — Cisco Umbrella Rank: 550
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316
61 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
6 KB
9 sanook.com
webboard.news.sanook.com
www.sanook.com — Cisco Umbrella Rank: 104874
graph.sanook.com — Cisco Umbrella Rank: 204373
sloth-api.sanook.com — Cisco Umbrella Rank: 169224
dc.sanook.com — Cisco Umbrella Rank: 118481
44 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
476 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
68 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
25 KB
5 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 147375
u.openx.net — Cisco Umbrella Rank: 672
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
1 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
20 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6765
796 B
4 bidsxchange.com
ssrv.bidsxchange.com — Cisco Umbrella Rank: 182002
ssrv-pixel.bidsxchange.com — Cisco Umbrella Rank: 154858
4 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
72 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
2 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
15 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
beacon.taboola.com — Cisco Umbrella Rank: 15997
7 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
a.ad.gt — Cisco Umbrella Rank: 1869
4 KB
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 35648
2 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 47448
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 50150
t.ocmhood.com — Cisco Umbrella Rank: 11511
13 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
261 KB
2 smartadserver.com
prg8.smartadserver.com — Cisco Umbrella Rank: 20117
www10.smartadserver.com
3 KB
2 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10999
ced-ns.sascdn.com — Cisco Umbrella Rank: 3003
49 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
547 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
569 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 146566
rtbpass.andbeyond.media — Cisco Umbrella Rank: 58952
187 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
760 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 92995
9 KB
1 2mdn.net
s0.2mdn.net
91 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
402 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
16 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 22565
3 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1790
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
5 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
60 B
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24966
4 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 26379
397 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
270 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
623 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
374 B
1 fsanook.com
img-as.fsanook.com — Cisco Umbrella Rank: 173590
54 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 52663
698 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
406 58
Domain Requested by
76 s.isanook.com www.sanook.com
40 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.sanook.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
ssrv.bidsxchange.com
ced-ns.sascdn.com
googleads.g.doubleclick.net
28 imageproxy.eu.criteo.net ads.eu.criteo.com
26 tpc.googlesyndication.com a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
23 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.sanook.com
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.sanook.com
13 static.criteo.net www.sanook.com
s.isanook.com
securepubads.g.doubleclick.net
ads.eu.criteo.com
11 www.google.com 1 redirects www.sanook.com
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
8 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 3 redirects www.googletagmanager.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 bidder.criteo.com static.criteo.net
5 t.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 hbopenbid.pubmatic.com ads.pubmatic.com
5 www.google.de www.sanook.com
4 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
4 ib.adnxs.com 1 redirects ads.pubmatic.com
acdn.adnxs.com
4 gum.criteo.com 1 redirects static.criteo.net
ads.pubmatic.com
4 graph.sanook.com s.isanook.com
4 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 sal.isanook.com www.sanook.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 c.amazon-adsystem.com www.sanook.com
c.amazon-adsystem.com
3 i.liadm.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 avd.innity.com avd.innity.net
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
www.google-analytics.com
2 ad.doubleclick.net googleads.g.doubleclick.net
2 ssrv-pixel.bidsxchange.com ssrv.bidsxchange.com
2 ssrv.bidsxchange.com pagead2.googlesyndication.com
2 id.hadron.ad.gt cdn.hadronid.net
2 lb.eu-1-id5-sync.com ads.pubmatic.com
cdn.id5-sync.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
2 cm.g.doubleclick.net 2 redirects
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 oajs.openx.net 1 redirects www.sanook.com
2 dc.sanook.com www.sanook.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.sanook.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.sanook.com
2 a.teads.tv ads.pubmatic.com
2 t.ocmhood.com sdk.ocmhood.com
2 beacon.taboola.com www.sanook.com
2 region1.analytics.google.com www.googletagmanager.com
2 sb.scorecardresearch.com p3.isanook.com
www.sanook.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 cdn.taboola.com www.sanook.com
cdn.taboola.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 www10.smartadserver.com ssrv.bidsxchange.com
1 ced-ns.sascdn.com prg8.smartadserver.com
1 prg8.smartadserver.com ced.sascdn.com
1 ced.sascdn.com ssrv.bidsxchange.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 a.ad.gt cdn.hadronid.net
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 rtb.fr3.eu.criteo.com a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
1 f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rtbpass.andbeyond.media www.sanook.com
1 cdn.hadronid.net www.sanook.com
1 secure.cdn.fastclick.net www.sanook.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 id.crwdcntrl.net ads.pubmatic.com
1 m.exactag.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 p.adlooxtracking.com www.sanook.com
1 rtbdemand.apiip.net www.sanook.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 um.simpli.fi 1 redirects
1 trace.mediago.io 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 dis.criteo.com 1 redirects
1 ads.eu.criteo.com a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 token.rubiconproject.com eus.rubiconproject.com
1 b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 img-as.fsanook.com www.sanook.com
1 u.openx.net ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com ads.pubmatic.com
1 rtb-eu.andbeyond.media ads.pubmatic.com
1 fastlane.rubiconproject.com ads.pubmatic.com
1 tencentth-d.openx.net ads.pubmatic.com
1 www.facebook.com www.sanook.com
1 mug.criteo.com www.sanook.com
1 ut.pubmatic.com ads.pubmatic.com
1 sloth-api.sanook.com s.isanook.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 www.googleadservices.com www.googletagmanager.com
1 sdk.ocmhood.com cdn.taboola.com
1 www.sanook.com
1 webboard.news.sanook.com 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
406 107
Subject Issuer Validity Valid
*.sanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-16 -
2024-07-16		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.isanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-10-23		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-13 -
2023-12-12		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.fsanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-06 -
2024-01-06		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
1465104285.rsc.cdn77.org
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.bidsxchange.com
Amazon RSA 2048 M02		 2023-05-14 -
2024-06-11		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 43 frames:

Primary Page: https://www.sanook.com/
Frame ID: 70303528B43D07814FDAB92797F0256C
Requests: 219 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: E846CBE27554C78CD3A150F9D3B7DCB7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: DB64141E2A63E1A055442EC14247EF29
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 0E720FBFDDAA97B9B3A5237BC5F8D704
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 05FE61F5E8E1B0E73365A5239FB854BD
Requests: 1 HTTP requests in this frame

Frame: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 00C80989401E4598A4B14C56297BC689
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC4g0NAMYs9580A7bwvaWOcyz7izrdvFH2JeyQQB5tqCh8OtrmviZPFyClv-kUyy4ZEzIHA4RRmEtyCno_8l-CLxLyLHP8TW0KOJOaQujdFASGnPr4973ZhUQpqBaauhKFnQ6p9heAaQ9LBn2E1dvDyUuXAB-dz3FKZ6LlpjgFGryaJDPOtGoVCLp-fex5dMMP5Wvg5xhH1Wzy18w0nYTS-R4q5krMUro5ikcRsYfZ6aRyMdUGfuwQCAWWYkUsz5QGAeUm7S5sWg5s1MO4cz1uC1MvmNG24QF7Hi2yqTb5wNb6YRJWYU_HHrg2XbfTYB7w96Unz2dHSzExOk0NlJxUf7TMM71ATplxAhj_-0Dkg4YE&sai=AMfl-YR3bbHbbVo4IstF5NvDRiRkWHtd_Fday8px4hQtWjJeq2ZtEY1otwgA3URQ62XBOgYBhjpdSC5F2omb7J9ktnK5gwyTkcO2TorEC_iXMfePji-izz4SuV7OIjpN1JYY78X2yAo-Mb8MsX1ilwtEX7BiOTyHFwcMxBGe6g&sig=Cg0ArKJSzCWAQTt64ozXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A3A8EF7C4E122C719250750454EE8A53
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYlxFYzgQxgl09vVRTba4pUa7PwRJeOcwvPaS0m9o_e5ypOCcPQGRQl7kj0rnYKADy2fiyCEi45XQrtuKDkWAsxzdjXwjJxTa5pMBAxDk-9RlPXEccGmhPp44nL-3uUMG8oYfg3YHH4iVt4c9ZtXWv9kjZ8DGoLtWIWUc9zOsT4wTJWBP26JZokFjL2zVj9L0lyLe1UfLVKylDo8rR4BGAoJcdiWI6xsmTDfPgMVVnI-JjBdDYw95kNrZSJO9-6etU9g3Tr8Da6PwwZ6tENI61AqmCah0s6quAZgH49A35D4r72O_9hTh4RN5pUOeRiUdrOgxfEA6WjU6upjtO-BfcEMyZEodP3piE2iX6cMR__Rd20Q0kLPGN&sai=AMfl-YSQsyVS2Wu6aq6gNMywzRsp-A8c6Zid-Rd-VIr5G-jS2Sr2TtHaUQ8BCLXp3j9OjLO_qWLsfGyvLX3KiuXsiXzIgunTiYxCUI5I62_BAgR70c19AF-XPMLSVTF_wyXyMPfMuXhdDOD_NZEFFfCRWamIZgGBPkEMXSOwhA&sig=Cg0ArKJSzMBdTabYeg9XEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7132F3230D4F588E371E6CEA9D0ED624
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 47CAAD669B2F3AF540DF23C92F642E36
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC38DE61A3D3AF700FBCE581D37EA258
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B6C9ADD7C9400DF6BECC9DA10346D6E7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 095F6AEF25CD2DD1F1E01C2D0561CF23
Requests: 3 HTTP requests in this frame

Frame: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DFCCFAE9B85C1A5582A646A005344D02
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C423F56CD9D1B4A2BDCF3AB486A327A7
Requests: 10 HTTP requests in this frame

Frame: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D626CEB3FE84B523C83EBB79B6FF24E
Requests: 10 HTTP requests in this frame

Frame: https://b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3AA680A92F1AB6013FF6CBE34BB46A3B
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 92D8305130AD52E613A1B9A96A3EF3A8
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Frame ID: 5B218474EDAC9A6A82B5FF6B8692C4F1
Requests: 42 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE62GIl6SQEQBsE-mt2RpS-8avuioPGVTFaXRHnmahOohWku2V1e3LmQS3fwdjGEMSsxKCpKB6ZfQHltSgQHW8M71LO2mucOog4Yb_r3fNdhyx65kpYUHSY6igWjGYs2RcUoJO9PqdTTTTRsMVtkCgZLCLj3TtuR5SOoE5QGkM8ppJB2DZUGPrO-anUw2ZwW69cJWbydwCxTdPBk20S2_M1uOppT2WhVocCaTiScUN99hzQUfqKRjniLGkbhM5yE3U1X3RC5SivxTEB6FvUt6vTabB0-aRiwT2OJ22zQMY96BW-LndSMCzWI_37i4abuFguQLn6Mygk1tgRJsk&sai=AMfl-YSMXCtDs3qtwjT5iVzV1wQ_ZY2qDEhBGVOJkOl2jrnLPH51y1epyDh3I_-tNNzm2sZaXkB8VX4zZPrnKQVB8vd4P9JyP5u-X2A32y9edjrkkrLX1DLNy1MsgPUQMGhUIOspzbHETiYq&sig=Cg0ArKJSzCx7bSdyR2okEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F22F9422612B08D7A7FB4D6AEEA3A1F7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECC1A781F0F5F814710391A4B491CD77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BBFB548D4BB168A6D4991842FF6CA373
Requests: 2 HTTP requests in this frame

Frame: https://f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D79D99769EA18E5BC73F035A7074C9B6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusY0qoKBP9ydjOwXtg4cx5Q2ALScXTotm20_wblgEAWzHFM6UJ8GBlj0_ZNXNONWP2zacOFsDt7ZZvkvm5XKOMwIuAVNkw0w4eGwuhdV1uS4bZwTi_YzzLzEFwbwsozawoKj7W0q0WfnQBwH5RozGEgDpg-gbFVnHe6fJ5WQbUO50EkQ5HOw7OX-xet3rz3WXRnrshGXJGUIBirVFRHUn2JrYx9t1bpxhBO7PXN3rOJL3N5uS7tDCKOhQ4moHtTUUKQ6ROegFwAChlu_BkQzS6EEvs5vPYT-8kL6JO-IZvypxjHa-gFUqsIaTMfVUzcsDHNwYLAWbHrtC_AxkkW_SbdlqKytJDjqEyCg_vNF4esTEcy8kRy_c_lfZc1GdCwLoqAQ&sai=AMfl-YTWJDWE3KILAutUq__owzoV3PfC-KRJPWC-bATiNlXjU3Whj5ofgcBdJfU1615tCz5Ex5vV3zdiHWLJkcIG8o9-uCyV6q2CUziUdpeNwFwJfIwKATde&sig=Cg0ArKJSzOqyNiLQJ85MEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8F2CF92C5B5829AACF54285964FBC1F1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 825B8CC093421156CC942B827FEFF402
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 617088E4D42BD5BD797927E73B5F98D2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: A055E7D2002E2FA24A1CF8AEE725A4C7
Requests: 1 HTTP requests in this frame

Frame: https://ssrv.bidsxchange.com/4667
Frame ID: E85D48AD2EBE0BFBF94431A7BCEFFA64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50E19152874ED4DF2B13E037373A67DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91153D3F44C15FBC3BFA05C581344C23
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B12A216929FED572730E7FE59DC94AD0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: 3B2B8293D25D8D2EBD88CA002D8C3F0D
Requests: 1 HTTP requests in this frame

Frame: https://ssrv.bidsxchange.com/4666
Frame ID: 689BA5755FB40110C47CB422CBAC8C2C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 998AFD4ED8182DEFC996EFAF727B2FD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B84E2062AFBE94A0813A5F22145DB291
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1BF15E58B051140C9FA32F0C6A104DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5556B63B19E545EE54D284779A1495B1
Requests: 2 HTTP requests in this frame

Frame: https://ced.sascdn.com/tag/4038/smart.js
Frame ID: 7AC54965068E136270659CAD7F3C065D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F0A25779875CAF251B27792783CAA79E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Frame ID: 0CC2000C628BD8C0576C7DA5308D55C9
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EF9FBE89295A3242892F83FDEB17BC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A0E7363600BAB8F1C946D4DC61E7172
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGMi2s_wBMAE&v=APEucNWVRYN5X7dFBflAtytUez2nRSUTIT5CWnnKn4kEU7Nzso0n7gr6uLIkpB0rAMAPgWZKhPYDN_JUbQOOSMmz5UcdPO3rdw
Frame ID: F810389B6BAAB00955CC194230B91D30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0D1BC295DAEA4D60E9BB290FEF08EADC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. https://webboard.news.sanook.com/forum/index.php HTTP 301
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

406
Requests

97 %
HTTPS

38 %
IPv6

58
Domains

107
Subdomains

88
IPs

11
Countries

5292 kB
Transfer

16009 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webboard.news.sanook.com/forum/index.php HTTP 301
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&auid=717176171.1701719520&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=4S1uZayeCoT57gPRvInwCg&sscte=1&crd=&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KtQrlaQRQpWF6VcJc8Uxc5VxmJK2QilJl4&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqcUIyRXVsamNVY0pTRFBzellRRWpiYW83dVRmLVl0TkxzUXVxSUxsTXdJGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE0czducEtCMDFFdTZWTUlxaGZHTUxhRGNhNU5JM2F0QzFjSnhCRUc5NmZKeW1QZzhma0V2ODQiEwjsksScx_aCAxWEvHsKHVFeAq4 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&auid=717176171.1701719520&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqcUIyRXVsamNVY0pTRFBzellRRWpiYW83dVRmLVl0TkxzUXVxSUxsTXdJGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE0czducEtCMDFFdTZWTUlxaGZHTUxhRGNhNU5JM2F0QzFjSnhCRUc5NmZKeW1QZzhma0V2ODQiEwjsksScx_aCAxWEvHsKHVFeAq4&is_vtc=1&ocp_id=4S1uZayeCoT57gPRvInwCg&cid=CAQSKQDICaaNVgjCBWI41UrdncbrpX_XAmPjxnIdjdkyw-VRdJ0c42zfkEfB&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_Kvtv8OOqWMJPfkbqN1hcL0vSnnP3RQ1uas&random=1720372909 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&auid=717176171.1701719520&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqcUIyRXVsamNVY0pTRFBzellRRWpiYW83dVRmLVl0TkxzUXVxSUxsTXdJGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE0czducEtCMDFFdTZWTUlxaGZHTUxhRGNhNU5JM2F0QzFjSnhCRUc5NmZKeW1QZzhma0V2ODQiEwjsksScx_aCAxWEvHsKHVFeAq4&is_vtc=1&ocp_id=4S1uZayeCoT57gPRvInwCg&cid=CAQSKQDICaaNVgjCBWI41UrdncbrpX_XAmPjxnIdjdkyw-VRdJ0c42zfkEfB&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_Kvtv8OOqWMJPfkbqN1hcL0vSnnP3RQ1uas&random=1720372909&ipr=y
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hPZ_aXwvc1ZCQy9ab3hkUzhwcndEUVBaU2NXV0g4Q3ZrMXZFQXhTWkdnenF6aGtJNml3MW9jbkg2Qi9nZDlzVG5GVXdLS3JtS0dtL21nWnQ3VEpYUVVxQlpTS3JTakFLVjFsWFVMTDAzQTNTY284cTZpZnJneGtXbUVuTlVWVE5nc2dFb2tMVVFKUG5XSlVZZVRJdlJpQ0tEQUNhL2NEUTRYNEZKSjFvSUJyaUVCK254T0RLSW9vSW03aHprNDFRUzFiaVczK1JZcy9TTWNQQ2VLRXBBZlEzcUdtejhqYXByZWYrR0JMRDNVUjNBSzhnbGRKYmhHQkdubEdDdGs4UXJFM3BWRStjdWxDZGhuUHdrUmVTSXREanhiQT09fA&cppv=2
Request Chain 173
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Request Chain 184
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 190
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 208
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZW4t5IQOUnz3InHztUa7WgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJw3pnDq98KxZm1jTDo82YI&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW4t5IQOUnz3InHztUa7WgAABMAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBnfxHamNF__tIMQo12qLNo&google_cver=1
Request Chain 211
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW4t5IQOUnz3InHztUa7WgAA%261216&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW4t5IQOUnz3InHztUa7WgAA%261216&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b6cb19132eaf447eaebe3cb6fa44d3c8 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw
Request Chain 212
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=9d9fcb00c392d8852zakor00lprbv8v0
Request Chain 213
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216
Request Chain 214
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E9DBE17703284C178397F81EC2CE2B07
Request Chain 215
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=384acb92-6d18-4fe7-ba6f-dd4cbd662f3e
Request Chain 332
  • https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.50-New&adk=970148494&adf=3176483929&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719527525&bpp=192&bdt=125&idt=394&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=363704203801&frm=24&ife=4&pv=2&ga_vid=1727033152.1701719528&ga_sid=1701719528&ga_hid=1458865271&ga_fc=0&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3115886066&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44807749%2C44806139%2C44807764%2C44808149%2C44808285%2C44809072%2C21065724&oid=2&pvsid=4379201949802626&tmod=1047071584&uas=0&nvt=1&loc=https%3A%2F%2Fa6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&top=https%3A%2F%2Fwww.sanook.com%2F&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jbvx2ttj07xd&fsb=1&dtd=413 HTTP 302
  • https://ssrv.bidsxchange.com/4667
Request Chain 355
  • https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.30&adk=1655443947&adf=3855021461&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719529134&bpp=217&bdt=103&idt=498&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=1&pv=2&ga_vid=2133353224.1701719530&ga_sid=1701719530&ga_hid=26626019&ga_fc=0&nhd=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=567991549&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079266%2C31079606%2C31079825%2C31079864%2C31079866%2C44785294%2C31079889%2C44806140%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=3092324058984945&tmod=1300600313&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4667&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2dyhbjcu8st6&fsb=1&dtd=537 HTTP 302
  • https://ssrv.bidsxchange.com/4666

406 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • https://webboard.news.sanook.com/forum/index.php
  • https://www.sanook.com/
284 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
97d03d9b36e2b7d108829b94735695dce99b5d34a3965397e2b3ba13ac8874be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, s-maxage=15, max-age=5, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Dec 2023 19:51:58 GMT
Proxy-Cache-Status
HIT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human

Redirect headers

content-length
185
content-type
text/html
date
Mon, 04 Dec 2023 19:51:54 GMT
location
https://www.sanook.com/
server
nginx/1.14.0
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1011713/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OfFW3qSCFTk8stQse__31i5akmTWt65R
content-encoding
gzip
via
1.1 varnish
date
Mon, 04 Dec 2023 19:51:58 GMT
x-amz-request-id
FF1BVG5XVFC5WQWW
age
25732
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5678
x-amz-id-2
E/xEwBJN3ux3bfaHRCNlmMltN/W+OX5qYrB+tvcs6a3wiT1qb3HDIEYtQx67wQSmaEMhtfKmRMU=
x-served-by
cache-fra-eddf8230098-FRA
last-modified
Thu, 26 Oct 2023 09:07:03 GMT
server
AmazonS3
x-timer
S1701719519.951301,VS0,VE0
etag
"e2595c8172706b041a90c945e3638320"
vary
Accept-Encoding
content-type
application/octet-stream
abp
77
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
3
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 19:47:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
1087
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6027518708680019885
accept-ranges
bytes
content-length
550
expires
Fri, 15 Dec 2023 19:47:18 GMT
publishertag.js
static.criteo.net/js/ld/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Dec 2023 19:51:59 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:21:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
age
430522
etag
"5296e90f-177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7139747711071811350
accept-ranges
bytes
content-length
266
expires
Sun, 24 Dec 2023 03:21:21 GMT
gtm.js
www.googletagmanager.com/ 		291 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c5768d550b4f308928feda083854e7886d51ee2bde57c49d03a46371c75dc41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94842
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Dec 2023 19:52:00 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
77c32d6baa2fc6b1d615f0965434ec49d6dd99ca81ba343f36fc64c7f77754a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:00 GMT
last-modified
Thu, 30 Nov 2023 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
8719
expires
Mon, 11 Dec 2023 19:52:00 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Wed, 03 Jan 2024 19:52:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Dec 2023 19:52:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
7GCshBU/jUQ2qReuwJB/+W8kADTmDbX3xcyTRzB7L4+CaT+NuMckiDzYyzD50ApPnWk5k1OkGkhmktqyo4yJ7A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ht.js
sdk.ocmhood.com/sdk/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5812
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 21 Jul 2023 09:35:24 GMT
server
cloudflare
etag
W/"64ba515c-2e63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FrJsj1YEfQlFqBHS32O4B%2FZI31mPkvc8nXgOo%2BZnI3FK8UoPYKPQawJILvL8zAyXi9%2BBikqzMn4dfuwhSJUNpesxfYY6v8YMz7MMn5jtgIGN%2BIF%2BzFBF9M7eo4hkQ5DAztN96AmUmPfnFz0DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8306965f4c0b367e-FRA
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 07:17:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28074
accept-ranges
bytes
content-length
252083
expires
Tue, 05 Dec 2023 03:39:55 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1701719520230&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&auid=717176171.1701719520&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
64a3b0d62991111449c66aecd89e3a791009ab343c8bbd295c051b165e831d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1593
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1701719520238&cv=11&fst=1701719520238&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&auid=717176171.1701719520&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e9b8b8ba4ef6b1a65e61801988482653fc2c24210ca47725a675399eb05012a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1212
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:41:00 GMT
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 11:54:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
25862
etag
W/"96bc3a581f40e4dbb6739b063c8dcb9b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
n232rT6aKtv-5FEgknVrowbPRKLL0ezShjZ1itE4PT1ucWH1OViaKQ==
ed84ce0921491b29b8fd.css
s.isanook.com/sr/0/_next/static/css/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/ed84ce0921491b29b8fd.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e3e029d067fad52660b4fe2dc769afd15806a944471fa0d44f9051b9cdced871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
43981
server
Lego Server
age
51
etag
W/"656d3d7e-abcd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
14861050338361894458
accept-ranges
bytes
content-length
9074
expires
Wed, 03 Jan 2024 03:20:51 GMT
webpack-db6c521efa1d717d55c2.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-db6c521efa1d717d55c2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7fc87d749d45b796576fc12dfe98ec497d9e4cbd04e9ed4ddb160e33c910d77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:25:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9638
server
Lego Server
age
9
etag
W/"656d3d78-25a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11965119978744702069
accept-ranges
bytes
content-length
4802
expires
Wed, 03 Jan 2024 03:20:52 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
150360
server
Lego Server
age
0
etag
W/"6565dcad-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10583746533681324034
accept-ranges
bytes
content-length
45781
expires
Fri, 29 Dec 2023 02:17:47 GMT
main-6fc29b940dae36eaf931.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 06:30:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 24 Nov 2023 04:03:16 GMT
server
Lego Server
age
0
etag
W/"65602084-12ae6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4871863946161922112
accept-ranges
bytes
content-length
23882
expires
Sun, 24 Dec 2023 06:30:22 GMT
_app-6e7400a9b63fdd01d346.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		798 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-6e7400a9b63fdd01d346.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9ee8564f9571951120c2f076afc16bbe6a23e34f6862fdae186e7303104a6090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
817646
server
Lego Server
age
0
etag
W/"656d3d7c-c79ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
891094976335921274
accept-ranges
bytes
content-length
193871
expires
Wed, 03 Jan 2024 03:20:51 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:26:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11966
server
Lego Server
age
0
etag
W/"65544f53-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15685100113422009227
accept-ranges
bytes
content-length
2732
expires
Sat, 16 Dec 2023 03:26:04 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 19:34:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13794
server
Lego Server
age
106062
etag
W/"65544f52-35e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1458969023328532988
accept-ranges
bytes
content-length
4712
expires
Fri, 15 Dec 2023 19:34:52 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:27:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
50816
server
Lego Server
age
83945
etag
W/"656405c9-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1751437248025969476
accept-ranges
bytes
content-length
16614
expires
Wed, 27 Dec 2023 04:27:48 GMT
3253-53ff7ff6e0b6ee493cc0.js
s.isanook.com/sr/0/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3253-53ff7ff6e0b6ee493cc0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:34:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
24873
server
Lego Server
age
56106
etag
W/"65544f52-6129"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17348755294948301273
accept-ranges
bytes
content-length
7130
expires
Sat, 16 Dec 2023 03:09:33 GMT
6261-0b9100df4de35e339621.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6261-0b9100df4de35e339621.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29406
server
Lego Server
age
562116
etag
W/"6556d42e-72de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5246643255651114472
accept-ranges
bytes
content-length
6698
expires
Sun, 17 Dec 2023 02:51:34 GMT
2144-fc95701658e9dbc62ba5.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2144-fc95701658e9dbc62ba5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:53:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9691
server
Lego Server
age
539643
etag
W/"65544f53-25db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15557115527822653877
accept-ranges
bytes
content-length
3394
expires
Sat, 16 Dec 2023 01:48:48 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:40:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6871
server
Lego Server
age
0
etag
W/"65446ebe-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2532271196775368259
accept-ranges
bytes
content-length
2537
expires
Wed, 06 Dec 2023 03:40:02 GMT
617-ce3dea63b3c20710b129.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-ce3dea63b3c20710b129.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:09:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16030
server
Lego Server
age
0
etag
W/"65544f54-3e9e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11808419776871462995
accept-ranges
bytes
content-length
4545
expires
Sat, 16 Dec 2023 03:09:32 GMT
3051-bf42533dcd722fe36384.js
s.isanook.com/sr/0/_next/static/chunks/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:25:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 24 Nov 2023 04:03:17 GMT
server
Lego Server
age
0
etag
W/"65602085-1496c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14970292986898816612
accept-ranges
bytes
content-length
26664
expires
Mon, 25 Dec 2023 08:25:48 GMT
5616-5f8425f3631c502b5b56.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9072
server
Lego Server
age
562116
etag
W/"65544f53-2370"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8583784222191204124
accept-ranges
bytes
content-length
3074
expires
Fri, 15 Dec 2023 21:14:04 GMT
6066-d50250a536141f89d39a.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 03:10:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"6557286a-95e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
8438709923614654359
accept-ranges
bytes
content-length
9981
expires
Wed, 20 Dec 2023 03:10:10 GMT
6394-4c13bb638cce24c456c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6394-4c13bb638cce24c456c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:41:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
4669
server
Lego Server
age
566544
etag
W/"65544f53-123d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14858129681275415816
accept-ranges
bytes
content-length
2121
expires
Fri, 15 Dec 2023 20:44:38 GMT
6876-8ff5ec0b004769cf30cd.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6876-8ff5ec0b004769cf30cd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:36:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11452
server
Lego Server
age
0
etag
W/"656405ca-2cbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12819011618081294118
accept-ranges
bytes
content-length
3894
expires
Wed, 27 Dec 2023 09:36:30 GMT
9826-a6b080a9d148f6d33282.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9826-a6b080a9d148f6d33282.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
51343
server
Lego Server
age
0
etag
W/"656d3d79-c88f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8524327534753464664
accept-ranges
bytes
content-length
7614
expires
Wed, 03 Jan 2024 03:20:51 GMT
5503-b2397f73d06c2a9e1092.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5503-b2397f73d06c2a9e1092.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
37463
server
Lego Server
age
0
etag
W/"656d3d7e-9257"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16188135423840523598
accept-ranges
bytes
content-length
7289
expires
Wed, 03 Jan 2024 03:20:52 GMT
7263-e7a62c0dc56777b8b097.js
s.isanook.com/sr/0/_next/static/chunks/ 		211 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7263-e7a62c0dc56777b8b097.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9d7e6a41a41889f1c7ba094a19627e8b5bb548fe8e905d43e0f3c0c9bf748b0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:25:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
216181
server
Lego Server
age
126
etag
W/"656d3d76-34c75"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17505927142989059666
accept-ranges
bytes
content-length
44949
expires
Wed, 03 Jan 2024 03:20:52 GMT
3316-1075f88424a7f97fd556.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-1075f88424a7f97fd556.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18017
server
Lego Server
age
6
etag
W/"656d3d76-4661"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14379911882342478369
accept-ranges
bytes
content-length
4335
expires
Wed, 03 Jan 2024 03:20:51 GMT
5269-079a571b0073aad180b9.js
s.isanook.com/sr/0/_next/static/chunks/ 		242 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5269-079a571b0073aad180b9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4675cef10aa0b55eb18489711464ed024ee312f295371a068453ffe6a77eb5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:46:21 GMT
server
Lego Server
age
282
etag
W/"656d3d7d-3c6c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7987581552398688896
accept-ranges
bytes
content-length
23936
expires
Wed, 03 Jan 2024 03:20:51 GMT
4374-91615dc559f3faf9c086.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4374-91615dc559f3faf9c086.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
17102
server
Lego Server
age
12
etag
W/"656d3d79-42ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14937006452224956582
accept-ranges
bytes
content-length
3785
expires
Wed, 03 Jan 2024 03:20:51 GMT
7634-4277e9e926e2d501b027.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-4277e9e926e2d501b027.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c167d57f349ee749abdcf3d074257ad9942c0e55edb11408747c37d51ae88385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
14138
server
Lego Server
age
95
etag
W/"656d3d77-373a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12353898258260841667
accept-ranges
bytes
content-length
2616
expires
Wed, 03 Jan 2024 03:20:51 GMT
9063-57073d4d1e3990a37f26.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9063-57073d4d1e3990a37f26.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
48a722d8d6843899e3693305a0008ac92ded8237a956b5bc5b183e829668e02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:25:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11925
server
Lego Server
age
8
etag
W/"656d3d7d-2e95"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15538976506183253115
accept-ranges
bytes
content-length
3787
expires
Wed, 03 Jan 2024 03:20:52 GMT
2511-057e6af3bf6bf02c4115.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2511-057e6af3bf6bf02c4115.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d6c98f2357580b791144c81e9cc0c04e61d5d66cf3abd5571d1f6935086fbfc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16150
server
Lego Server
age
0
etag
W/"656d3d77-3f16"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2120461223598791283
accept-ranges
bytes
content-length
3133
expires
Wed, 03 Jan 2024 03:20:52 GMT
7605-85e9d31bd7efd778ba22.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7605-85e9d31bd7efd778ba22.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18841
server
Lego Server
age
332
etag
W/"656d3d78-4999"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9208024092165344140
accept-ranges
bytes
content-length
2993
expires
Wed, 03 Jan 2024 03:20:52 GMT
2820-202f6e506eae7595d2a9.js
s.isanook.com/sr/0/_next/static/chunks/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2820-202f6e506eae7595d2a9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:46:16 GMT
server
Lego Server
age
608
etag
W/"656d3d78-3a80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18398252668324652191
accept-ranges
bytes
content-length
3601
expires
Wed, 03 Jan 2024 03:20:52 GMT
1918-380b5c4782fb27ab6553.js
s.isanook.com/sr/0/_next/static/chunks/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1918-380b5c4782fb27ab6553.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8db68c65f05ec88a2f708861c871fff6340f92b24f42f3cf78d5f247b8a2818d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:46:21 GMT
server
Lego Server
age
399
etag
W/"656d3d7d-a36b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10750987537613458806
accept-ranges
bytes
content-length
9631
expires
Wed, 03 Jan 2024 03:20:51 GMT
firstpage-91ef6c97f40b1d8494e2.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		271 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-91ef6c97f40b1d8494e2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2906bc34f7e82136ae4c34e0ef9238fffeb7395eec21b1bf94f631714ad89558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:31:00 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
277946
server
Lego Server
age
261
etag
W/"656d3d7a-43dba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11583304436970328338
accept-ranges
bytes
content-length
44397
expires
Wed, 03 Jan 2024 03:20:52 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/eFNpAhac6--SkFUvWJuUh/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/eFNpAhac6--SkFUvWJuUh/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
41901856e08974ad191be3680302b4f2c0bcd29e8179b8ab3187088deee1c43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:25:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
27617
server
Lego Server
age
126
etag
W/"656d3d7e-6be1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12551266496877404490
accept-ranges
bytes
content-length
6963
expires
Wed, 03 Jan 2024 03:20:53 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/eFNpAhac6--SkFUvWJuUh/ 		77 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/eFNpAhac6--SkFUvWJuUh/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
77
server
Lego Server
age
7
etag
"656d3d7e-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5939774305288893896
accept-ranges
bytes
content-length
61
expires
Wed, 03 Jan 2024 03:20:52 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		0
0
image.png
s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/image.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c960beab74ffdb10178b7805fa66227341330b2c8fafb459c3a33eece8f9712b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:04:51 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:47:01 GMT
server
Lego Server
age
0
etag
"656d3da5-dae0"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
9753115491023568817
accept-ranges
bytes
content-length
56032
text-desktop01.png
s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/text-desktop01.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8127643e863b0771e92ccbf8ca191d56ab281b8d1750b0c064ee080d78359b50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:04:51 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:47:01 GMT
server
Lego Server
age
0
etag
"656d3da5-5e41"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
9751885108803608333
accept-ranges
bytes
content-length
24129
text-mobile01.png
s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/text-mobile01.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
37aa5b018742eebffc82207c29c0b5875a5ec429b2739c1e80d8599142e81bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:04:51 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 04 Dec 2023 02:47:01 GMT
server
Lego Server
age
0
etag
"656d3da5-9112"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
5944240496682263878
accept-ranges
bytes
content-length
37138
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:37:35 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
"6566d827-b1f"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
14486024165067239232
accept-ranges
bytes
content-length
2847
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:38:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
W/"6566d827-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2082669989419894200
accept-ranges
bytes
content-length
548
expires
Fri, 29 Dec 2023 08:38:39 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:59:43 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 02:55:32 GMT
server
Lego Server
age
0
etag
W/"6566a824-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5153046737381982887
accept-ranges
bytes
content-length
1827
expires
Fri, 29 Dec 2023 02:59:43 GMT
wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:24:20 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:39 GMT
server
Lego Server
age
0
etag
"6565dcbb-bec"
content-type
image/png
x-nws-log-uuid
596100865621671797
accept-ranges
bytes
content-length
3052
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:17:22 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:39 GMT
server
Lego Server
age
0
etag
"6565dcbb-8c6"
content-type
image/png
x-nws-log-uuid
5108328529827903407
accept-ranges
bytes
content-length
2246
ic-motorexpo.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-motorexpo.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4d50ed498aaec653a667bfc73ec4a0a02daecafae2f18007b3765d02507afb49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:06:29 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
"6566d827-17f6"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
1714218085361097581
accept-ranges
bytes
content-length
6134
ic-findluckynumber.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-findluckynumber.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:41:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
W/"6566d827-9f1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17756962561744735724
accept-ranges
bytes
content-length
1107
expires
Fri, 29 Dec 2023 08:41:50 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963845/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963845/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b9ce8b82f68dad846b707a6771d1bfcc2276a51457aa98195b4b46b711768177
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:07:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15802556624809181831
accept-ranges
bytes
content-length
35958
expires
Wed, 03 Jan 2024 15:07:27 GMT
re(1).jpg
s.isanook.com/fi/0/fp/389/1949777/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/389/1949777/re(1).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8b2d197527d0ce7b8a97afa40f331fefb8d2ae10fcfad7ca1881784bf3c073f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:21:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
8577624126190238859
accept-ranges
bytes
content-length
10690
expires
Wed, 03 Jan 2024 11:21:56 GMT
wo8.jpg
s.isanook.com/fi/0/fp/392/1962949/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1962949/wo8.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7623e81086cf33b70d022c15467c4708e3a46a06140ada41af61d93992211401
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:10:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
281
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
1508569755961624206
accept-ranges
bytes
content-length
6103
expires
Wed, 03 Jan 2024 17:10:14 GMT
p_sport-2023-12-03t145305.3.jpg
s.isanook.com/fi/0/fp/392/1963349/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963349/p_sport-2023-12-03t145305.3.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ea60c83228028b7ba7469c815c18f76d8513d237b9d00f3d71dd45926db9c926
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:06:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
10837502459647782875
accept-ranges
bytes
content-length
11769
expires
Wed, 03 Jan 2024 13:06:35 GMT
new_sanook_thumbnail_1200x720.jpg
s.isanook.com/fi/0/fp/392/1963677/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963677/new_sanook_thumbnail_1200x720.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5a24285a02622a144427e9fa96fcb3d4e4ec79d9ac6b13f1dccd2e0cb01f61af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:03:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
690
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2838885175656565311
accept-ranges
bytes
content-length
13179
expires
Wed, 03 Jan 2024 17:03:25 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963693/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963693/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b62d7cd1c784a57934dba9ddfd95df813d8d09c8e2c63b6fd2d6d1fc77943070
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:05:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4634655223904624424
accept-ranges
bytes
content-length
6255
expires
Wed, 03 Jan 2024 13:05:22 GMT
pok.jpg
s.isanook.com/fi/0/fp/392/1963785/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963785/pok.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a607f285a8e793ed2bda8f9da395cf56e80eec5a088089efbaefa5340f6b56f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:14:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
11997082911691471423
accept-ranges
bytes
content-length
3851
expires
Wed, 03 Jan 2024 17:14:55 GMT
gg(2).jpg
s.isanook.com/fi/0/fp/392/1963633/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963633/gg(2).jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d6cd0a1cf5f7d5a389b4faa08512dc4cee5b724c55bbc7d26c17d17529291a26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 09:49:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2897208140140052017
accept-ranges
bytes
content-length
5922
expires
Wed, 03 Jan 2024 09:49:44 GMT
h3.jpg
s.isanook.com/fi/0/fp/392/1963421/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963421/h3.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9ba6d97eb305dd66e12077bfe4e73ba94e9bf6e932138e37ef20028d54079ddb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:04:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
98
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6642045749379141139
accept-ranges
bytes
content-length
6808
expires
Wed, 03 Jan 2024 13:04:56 GMT
2222(2).jpg
s.isanook.com/fi/0/fp/392/1963557/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963557/2222(2).jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
434f5f9118115a1685d49d74e862716c5e7d6cad6aa72f661bdebfa6ec76bbba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:01:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
198
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4084871377273805840
accept-ranges
bytes
content-length
3801
expires
Wed, 03 Jan 2024 14:01:04 GMT
gamer_1200x720.jpg
s.isanook.com/fi/0/fp/357/1789513/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/357/1789513/gamer_1200x720.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 01:08:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
12944549080406097956
accept-ranges
bytes
content-length
5066
expires
Sun, 31 Dec 2023 01:08:49 GMT
sanook_thumbnail_1200x720(11.jpg
s.isanook.com/fi/0/fp/392/1963577/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963577/sanook_thumbnail_1200x720(11.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
eab89510b6fc25824331de313aa244ab5ffcf3836c3a9c8d01d01bb7b3564062
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 09:05:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
9395234971970906405
accept-ranges
bytes
content-length
5328
expires
Wed, 03 Jan 2024 09:05:27 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963753/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963753/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c4d2deee9efa1444fc8bff5bcb0da83b42665fbda5496b0d78ae52b7cdd26aff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:04:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
458
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15684432090754501100
accept-ranges
bytes
content-length
5243
expires
Wed, 03 Jan 2024 11:04:49 GMT
bg.jpg
s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/bg.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
btn-desktop.png
s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/btn-desktop.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9c5203f8234220458f47b5303187a431e130032cf5362dbf19f35c5b63693e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:04:14 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"656d3da5-1d52"
content-type
image/png
x-nws-log-uuid
16039463175898507719
accept-ranges
bytes
content-length
7506
expires
Mon, 04 Dec 2023 17:09:14 GMT
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:32:32 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:45 GMT
server
Lego Server
age
0
etag
W/"6565dcc1-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12984758387784590689
accept-ranges
bytes
content-length
11032
expires
Thu, 28 Dec 2023 19:32:32 GMT
base-icon-v1.0.50.woff2
s.isanook.com/sr/0/fonts/icon/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.50.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:14 GMT
server
Lego Server
age
0
etag
W/"6566d81e-b12c"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17880065143111635324
accept-ranges
bytes
content-length
45389
expires
Fri, 29 Dec 2023 06:46:01 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 06:32:15 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:21 GMT
server
Lego Server
age
71753
etag
"656405cd-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17808709710309545417
accept-ranges
bytes
content-length
31376
expires
Thu, 28 Dec 2023 06:32:15 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:45:42 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:27 GMT
server
Lego Server
age
0
etag
"6565dcaf-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17884349188331237938
accept-ranges
bytes
content-length
51420
expires
Fri, 29 Dec 2023 02:45:42 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 01:31:03 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:27 GMT
server
Lego Server
age
0
etag
"6565dcaf-cf40"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
3664030225981621700
accept-ranges
bytes
content-length
53056
expires
Fri, 29 Dec 2023 01:31:03 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:48:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 23 Nov 2023 06:09:03 GMT
server
Lego Server
age
0
etag
W/"655eec7f-c930"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11623180944936700524
accept-ranges
bytes
content-length
51542
expires
Sat, 23 Dec 2023 11:48:41 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 19:46:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:21 GMT
server
Lego Server
age
26150
etag
W/"656405cd-7df4"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2748809544672290072
accept-ranges
bytes
content-length
32272
expires
Wed, 27 Dec 2023 19:46:27 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9797755743831b32e32cdf7199e269fa617b96df4ec423ad7d82414a4b80262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86945
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 19:52:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Dec 2023 19:22:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1768
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Dec 2023 21:22:33 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=NFl5isicyVRjYNTSsc7SKw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=A8F0157A.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1701719520238&cv=11&fst=1701716400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaN46wbwHcrEkkuc841d8_GsKQ90n7pYA&random=2299523896&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1701719520238&cv=11&fst=1701716400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaN46wbwHcrEkkuc841d8_GsKQ90n7pYA&random=2299523896&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701719521192&ns_c=UTF-8&cs_cfg=100&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
6n-5GXNb65lkUivfYqysnaM5ri3awEg3vBmH30_T9szGJN8P4gmLzw==
x-cache
Miss from cloudfront
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3bt0v888883767z877572129&_p=1701719518726&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=991902406.1701719521&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1701719521&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1701719521113.y0zg1sh&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0&tfd=7682
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=991902406.1701719521&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=991902406.1701719521&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1268225432
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&d...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&auid=717176171.1701719520&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqcUIyRXVsamNVY0pTRFBzellRRWpiYW83dVRmLVl0TkxzUXVxSUxsTXdJGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE0czducEtCMDFFdTZWTUlxaGZHTUxhRGNhNU5JM2F0QzFjSnhCRUc5NmZKeW1QZzhma0V2ODQiEwjsksScx_aCAxWEvHsKHVFeAq4&is_vtc=1&ocp_id=4S1uZayeCoT57gPRvInwCg&cid=CAQSKQDICaaNVgjCBWI41UrdncbrpX_XAmPjxnIdjdkyw-VRdJ0c42zfkEfB&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_Kvtv8OOqWMJPfkbqN1hcL0vSnnP3RQ1uas&random=1720372909&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=463524141&cv=11&fst=1701719520230&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&value=0&auid=717176171.1701719520&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqcUIyRXVsamNVY0pTRFBzellRRWpiYW83dVRmLVl0TkxzUXVxSUxsTXdJGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE0czducEtCMDFFdTZWTUlxaGZHTUxhRGNhNU5JM2F0QzFjSnhCRUc5NmZKeW1QZzhma0V2ODQiEwjsksScx_aCAxWEvHsKHVFeAq4&is_vtc=1&ocp_id=4S1uZayeCoT57gPRvInwCg&cid=CAQSKQDICaaNVgjCBWI41UrdncbrpX_XAmPjxnIdjdkyw-VRdJ0c42zfkEfB&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_Kvtv8OOqWMJPfkbqN1hcL0vSnnP3RQ1uas&random=1720372909&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
cdn.ocmtag.com/tag/ 		191 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2919
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 27 Apr 2023 11:52:10 GMT
server
cloudflare
etag
W/"644a61ea-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkbg3jBj%2BA8DtfU1c0pXWlTggyhIiOf5a1RzFV0aCrJOUy2fS%2Fcai5J8TT%2FwXhstJP%2Bx7bLBYbePJAQjhihVlr%2FE43K%2Ff60tzYvEapyKXXAqDXONrB2QHGfISB%2Fm%2Bh%2FahFiyV14GVS4eijbppw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83069660ff02b7b5-AMS
/
beacon.taboola.com/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230098-FRA
date
Mon, 04 Dec 2023 19:52:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701719521.384330,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:38:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
age
85748
etag
"591c0bd4-219"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2959445045120776899
accept-ranges
bytes
content-length
363
expires
Thu, 28 Dec 2023 07:38:02 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame E846 		236 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-6e7400a9b63fdd01d346.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1426
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
192
content-type
text/html
date
Mon, 04 Dec 2023 19:28:15 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid
18442224795357286848
x-page-speed
1.13.35.2-0
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963845%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963829%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963653%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1949777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1962949%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963349%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963677%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963421%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963753%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Mon, 04 Dec 2023 19:52:02 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963845%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963829%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963653%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1949777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1962949%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963349%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963677%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963421%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963753%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Mon, 04 Dec 2023 19:52:03 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
publishertag.js
static.criteo.net/js/ld/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-6e7400a9b63fdd01d346.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Dec 2023 19:52:01 GMT
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:17:23 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:37 GMT
server
Lego Server
age
0
etag
"6565dcb9-428b"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
8983160106469165614
accept-ranges
bytes
content-length
17035
sanook_trend
sloth-api.sanook.com/api/ 		780 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=472699
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.46 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-46.static.asianet.co.th
Software
nginx / Express
Resource Hash
c7cefd33b64a544e86b804168e695c0f7e4bebe824ff5dc68b10bf5ccf0cc1f9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Response-Time
0.453ms
Date
Mon, 04 Dec 2023 19:52:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"30c-86Yp6d7iUEkg7yy2krbSs9tOUuw"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
780
Expires
Wed, 03 Jan 2024 19:52:03 GMT
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963845%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963829%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963653%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1949777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1962949%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963349%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963677%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963421%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963753%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-6e7400a9b63fdd01d346.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
05a011e4c18cbbd523adb121a683efb10c49aa92856b0a31f93adea68bd8125f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"1986-UPWgzONIu96PmwHFMWzFe6n0lqI"
X-Cache-Status
MISS
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963845%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963829%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963737%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963653%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1949777%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1962949%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963349%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963677%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963693%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963785%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963421%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1963753%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-6e7400a9b63fdd01d346.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
172.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8c16ba9c233fa2dc3dcffd7e88d3c625c4938963d8d173d6b7ebb4763172b45a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"176f-z8thwPu9kVzutx4opjUUALaIQNE"
X-Cache-Status
MISS
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
syncframe
gum.criteo.com/ Frame DB64 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:01 GMT
server
Kestrel
server-processing-duration-in-ticks
329026
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Wed, 03 Jan 2024 19:52:03 GMT
1489944661112333
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.138&r=stable&domain=www.sanook.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e17b04fbaa36e4d655eacb04e8b380ba7bf4e970ee4dbe0e0d627289d3deca22
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Dec 2023 19:52:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35652
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
TkKzjicdD+rSYveVcFsAuoL/I7IHFZGE2nAyW20uTdIEOEwhwQu9VZraIFF9SXq1W9QC67mRcem4A7eKF3hS9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 		369 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 14:33:56 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=8714
access-control-allow-credentials
true
accept-ranges
bytes
content-length
208
expires
Mon, 04 Dec 2023 22:17:16 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 04 Dec 2023 19:52:03 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
www.googletagservices.com/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ff72051866ed5f6fa92f78864d15c8d5243dc09c91b76efcc32fce2eee413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30335
x-xss-protection
0
server
cafe
etag
246 / 19695 / 31079856 / config-hash: 17787931357026562509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:02 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1159973258&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=114004088&gjid=136288152&cid=991902406.1701719521&tid=UA-8147095-6&_gid=1915569760.1701719522&_r=1&_slc=1&gtm=45He3bt0n81PNXLXRSv77572129&cd4=0&cd12=1701719521123.qgo5kiob&cd22=firstpage&cd23=indexpage&cd43=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=658635007
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.46.68.61 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-68-61.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.20.2
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1269067
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Tue, 19 Dec 2023 12:23:10 GMT
activity
t.ocmhood.com/v2/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Dec 2023 19:52:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jb3djyjPZ4bvjXTxK5vzEqV3HqqSFDymyoJl8yRCw23l0HRnUBhoOXyhZ%2Bi94TNzyJ7bPp3Dn8%2Bev8Rbh3iqBdFxf816cECdpXwuh3iFGoKPUgiWpISZJKu8nWhTy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
830696684f1590d4-FRA
alt-svc
h3=":443"; ma=86400
sid
mug.criteo.com/ Frame DB64
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=hPZ_aXwvc1ZCQy9ab3hkUzhwcndEUVBaU2NXV0g4Q3ZrMXZFQXhTWkdnenF6aGtJNml3MW9jbkg2Qi9nZDlzVG5GVXdLS3JtS0dtL21nWnQ3VEpYUVVxQlpTS3JTakFLVjFsWFVMTDAzQTNTY284cTZpZnJneGtXbUVuTl...
425 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hPZ_aXwvc1ZCQy9ab3hkUzhwcndEUVBaU2NXV0g4Q3ZrMXZFQXhTWkdnenF6aGtJNml3MW9jbkg2Qi9nZDlzVG5GVXdLS3JtS0dtL21nWnQ3VEpYUVVxQlpTS3JTakFLVjFsWFVMTDAzQTNTY284cTZpZnJneGtXbUVuTlVWVE5nc2dFb2tMVVFKUG5XSlVZZVRJdlJpQ0tEQUNhL2NEUTRYNEZKSjFvSUJyaUVCK254T0RLSW9vSW03aHprNDFRUzFiaVczK1JZcy9TTWNQQ2VLRXBBZlEzcUdtejhqYXByZWYrR0JMRDNVUjNBSzhnbGRKYmhHQkdubEdDdGs4UXJFM3BWRStjdWxDZGhuUHdrUmVTSXREanhiQT09fA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
229761f4b3e4286f03987779a2068fd5f07b44778d9bf7dfe7d8a31b36d8c68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5915582
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=hPZ_aXwvc1ZCQy9ab3hkUzhwcndEUVBaU2NXV0g4Q3ZrMXZFQXhTWkdnenF6aGtJNml3MW9jbkg2Qi9nZDlzVG5GVXdLS3JtS0dtL21nWnQ3VEpYUVVxQlpTS3JTakFLVjFsWFVMTDAzQTNTY284cTZpZnJneGtXbUVuTlVWVE5nc2dFb2tMVVFKUG5XSlVZZVRJdlJpQ0tEQUNhL2NEUTRYNEZKSjFvSUJyaUVCK254T0RLSW9vSW03aHprNDFRUzFiaVczK1JZcy9TTWNQQ2VLRXBBZlEzcUdtejhqYXByZWYrR0JMRDNVUjNBSzhnbGRKYmhHQkdubEdDdGs4UXJFM3BWRStjdWxDZGhuUHdrUmVTSXREanhiQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
269336
content-length
0
expires
0
activity
t.ocmhood.com/v2/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Dec 2023 19:52:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydYS320F60EIDlzkniHLgPMXj%2BIU73Ia25lHYZsePhyJA%2FexuKDRb3W6xBwFKKOGG%2BLvoEkXA070Cb9n18oPolEKRazghnDg8BqdQCRCkRxCGxJ06wM6EPPaaWzA%2Bq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
830696684f1690d4-FRA
alt-svc
h3=":443"; ma=86400
/
beacon.taboola.com/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230098-FRA
date
Mon, 04 Dec 2023 19:52:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701719522.481405,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1701719521957&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701719521956.459781400&ler=empty&it=1701719521808&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Dec 2023 19:52:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=991902406.1701719521&jid=114004088&gjid=136288152&_gid=1915569760.1701719522&_u=YADAAEAAAAAAACAEK~&z=2064927723
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Dec 2023 19:52:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c7007b2a6b24d85385a2f9051fb94dc87674259183216af03839590443368f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84559
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 19:52:02 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=991902406.1701719521&jid=114004088&_u=YADAAEAAAAAAACAEK~&z=723636656
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=991902406.1701719521&jid=114004088&_u=YADAAEAAAAAAACAEK~&z=723636656
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3bt0v9134475311&_p=1701719518726&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=991902406.1701719521&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1701719522&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1701719521123.qgo5kiob&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0&tfd=9052
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=991902406.1701719521&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=991902406.1701719521&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1270366175
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame E846 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 10:53:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
age
834732
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6732576745345636773
accept-ranges
bytes
content-length
2483
expires
Tue, 19 Dec 2023 10:53:33 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 		432 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
29755
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138259
x-xss-protection
0
server
cafe
etag
16445146976575771301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Dec 2024 11:36:07 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=16829087061
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:02 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=70411673598
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:02 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=89814170940
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=795
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=328
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
213794966
fundingchoicesmessages.google.com/i/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4c29700b0114f6280ba441711d69a972954694942152d1a8bfe1b186ffb9e5c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y8_gjLj5-JJqlrSPWh6zVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-Y8_gjLj5-JJqlrSPWh6zVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.46.68.61 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-68-61.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1902287
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6412
Expires
Tue, 26 Dec 2023 20:16:50 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.46.68.61 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-68-61.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.2
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1937670
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2870
Expires
Wed, 27 Dec 2023 06:06:33 GMT
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
76bba525b070fc8fa358de9626d0eb4815dc740910115c8b560749041ec25736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 19:52:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Dec 2023 19:52:04 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 28 Nov 2024 19:52:03 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 28 Nov 2024 19:52:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=731
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 04 Dec 2023 19:52:03 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:02 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5b75177effc84edb03db4e14a68ce59db974e2adfc3df756859156c84b42e729
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
an-x-request-uuid
c6a64de4-3d2b-49ac-bc3f-db8765aaba7c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/ 		73 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aea7cbdd-bb34-4795-bd44-3ed12af18070&nocache=1701719523415&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5ee0967cb609951ce7fced06d5776b6519c4376dcd5f3985e2fde85cc28aaebd

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.39.0&x_source.tid=aea7cbdd-bb34-4795-bd44-3ed12af18070&l_pb_bid_id=169bf6edea59761&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.6850357039413779
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
66dda5fa0f8f05dc23cb0a405c75607b04dc6adfd6079606eaec99fbed88facc

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 04 Dec 2023 19:52:03 GMT
hb
rtb-eu.andbeyond.media/ 		22 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Mon, 04 Dec 2023 19:52:03 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
22
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=340
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0ef5f49abb21772d8a5b122a3db52b7237b711ad13786b98629624a1c72ad7

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YOfcNlpAkeieQVOF5w9%2FGzYTTcGB8WeiAKqaoa0bAETaUDow%2B399CvK1G4ZaBLX8G0c6yVcU%2FK4M6GxdeYnDPWsGMqDKLV8shuQdsklGLd8xM6Z42egsakqLXkvXa7BYDIYalOl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8306966dfcb56a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=264
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0E72 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67226
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Tue, 05 Dec 2023 14:32:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05FE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67226
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Tue, 05 Dec 2023 14:32:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AGSKWxUXbCqM-AjDgR5UxWZV4M6Y53ps-Lh_z2QlAgStwJlBqOvrlUHrO2W1_wNL0JIxqHasrTVzHJqO_mBTo8cWviZFkUITWkx46cDUjIH-mYX2mILvske3F8ee-1ZG8ZY0lcel8uAcaQ==
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUXbCqM-AjDgR5UxWZV4M6Y53ps-Lh_z2QlAgStwJlBqOvrlUHrO2W1_wNL0JIxqHasrTVzHJqO_mBTo8cWviZFkUITWkx46cDUjIH-mYX2mILvske3F8ee-1ZG8ZY0lcel8uAcaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzE5NTIzLDQ4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJwN3RfbTJvR3A4USJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52b7c084bbe7cd248dc0be6c9cb5d509dc6c5117343a0a8bcde44b18c607e268
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0Luh9U91px5z6U6XkNtalA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-0Luh9U91px5z6U6XkNtalA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Dec 2023 19:52:03 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-33.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 05:36:54 GMT
content-encoding
gzip
via
1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
51310
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
elDF9mgwZqdGkKs-o6SWqH9xhFTB2lJgHQS4YxI7v8SFUWna2CJKEQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:3200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Mon, 04 Dec 2023 10:03:28 GMT
Via
1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
35316
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
d7LlmgviJywXdjj_nbUhWAxBmkKeB1nx3HBMRnrBYj4D62Sxjc_Lqg==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:40:12 GMT
content-encoding
gzip
age
1822311
x-guploader-uploadid
ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 17:40:12 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
VF0K1FN7KR7ZCCA2
age
1961
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8306966eb93b90fb-FRA
x-amz-id-2
dr6oJ8UZH6gxgPjsXBxrxBIx6Zp7MkR+d8Xk38cJxE7BlmdtmDakYA5d7D+sYXqzg9fp4ksqnsYnhZfeegZrtg==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21976
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSbDSOjYxmDU9d1OFD326bnVCbSnlEQGaRKyluelzqxmOgZRydZw2Oz3SmiLn5c1JoTdgkxTV7Hm%2F7VoqDvWnkhos0rUALTer0sK6Q%2BOBjQv9paMLB4R4cLT8g2B38aD709cE0vnxfW1UgqcgLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8306966ea9455b26-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833584388591494&correlator=642960055778424&eid=31078986%2C31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&didk=2096832710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701719523503&lmt=1701719523&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1159973258&ga_fc=true&dlt=1701719518708&idt=4269&ppid=62bc37ef75f2e1f43a262e073f4e3103&prev_scp=category%3Dall&adks=345054422&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dd9f009128a2a646a481df4c9a595c1aaa011dde0b36daa64201e13a3902ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12611
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452573066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		570 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833584388591494&correlator=4163455153048762&eid=31078986%2C31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=2&didk=1874942343&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701719523514&lmt=1701719523&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1159973258&ga_fc=true&dlt=1701719518708&idt=4269&ppid=62bc37ef75f2e1f43a262e073f4e3103&prev_scp=category%3Dall&adks=908668280&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33919f4485548e794d87e07115b80c76a42d88d6c7dcae4c17fa3300942a480d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00C8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Tue, 03 Dec 2024 19:52:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833584388591494&correlator=2100786436938011&eid=31078986%2C31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&didk=498303881&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701719523537&lmt=1701719523&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1159973258&ga_fc=true&dlt=1701719518708&idt=4269&ppid=62bc37ef75f2e1f43a262e073f4e3103&prev_scp=category%3Dall&adks=3448326100&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b930007292d6deb08e2230ca41426d4897c5347be9e3b444a8cdba9410a0d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13221
x-xss-protection
0
google-lineitem-id
6420213038
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455477718
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0E72 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78795685&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-length
0
AGSKWxW8cvWEfbB8O2b9gIBXR9E2HjyrNvZdiDTL3c3iVR7Qz4Ssm-zesGrHSK-J9j73ezCumOGWgk81Q-EeHKeHRPMZGkSHjytm3RsZioVtqHoLOX7-XEhLxo7yzWmqJw-n3S8X3QmnJA==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8cvWEfbB8O2b9gIBXR9E2HjyrNvZdiDTL3c3iVR7Qz4Ssm-zesGrHSK-J9j73ezCumOGWgk81Q-EeHKeHRPMZGkSHjytm3RsZioVtqHoLOX7-XEhLxo7yzWmqJw-n3S8X3QmnJA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzE5NTIzLDU4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJwN3RfbTJvR3A4USJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed845309cbb4ba6687bdb3e03a5018929f36adfeb1964e1e81656f1b9d493603
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SgUIJvHlaz-90P4I6ZhCNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SgUIJvHlaz-90P4I6ZhCNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=857207744&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1739298223.1701719524&tid=SA-8147095-6&cd4=0&cd8=b&z=1557625909
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 04 Dec 2023 19:52:03 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=857207744&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1915569760.1701719522&_u=AAAAAEABC~&cid=991902406.1701719521&tid=DC-8147095-6&z=1580466794
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.45 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-45.static.asianet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Dec 2023 19:52:05 GMT
X-Powered-By
ARR/3.0
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame A3A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC4g0NAMYs9580A7bwvaWOcyz7izrdvFH2JeyQQB5tqCh8OtrmviZPFyClv-kUyy4ZEzIHA4RRmEtyCno_8l-CLxLyLHP8TW0KOJOaQujdFASGnPr4973ZhUQpqBaauhKFnQ6p9heAaQ9LBn2E1dvDyUuXAB-dz3FKZ6LlpjgFGryaJDPOtGoVCLp-fex5dMMP5Wvg5xhH1Wzy18w0nYTS-R4q5krMUro5ikcRsYfZ6aRyMdUGfuwQCAWWYkUsz5QGAeUm7S5sWg5s1MO4cz1uC1MvmNG24QF7Hi2yqTb5wNb6YRJWYU_HHrg2XbfTYB7w96Unz2dHSzExOk0NlJxUf7TMM71ATplxAhj_-0Dkg4YE&sai=AMfl-YR3bbHbbVo4IstF5NvDRiRkWHtd_Fday8px4hQtWjJeq2ZtEY1otwgA3URQ62XBOgYBhjpdSC5F2omb7J9ktnK5gwyTkcO2TorEC_iXMfePji-izz4SuV7OIjpN1JYY78X2yAo-Mb8MsX1ilwtEX7BiOTyHFwcMxBGe6g&sig=Cg0ArKJSzCWAQTt64ozXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A3A8 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
648c9a624cd37f634e2af4464b65ac480dacebfd73d1c60d0d9f9063f2e25362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30336
x-xss-protection
0
server
cafe
etag
2 / 19695 / m202311280101 / config-hash: 17787931357026562509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:03 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A3A8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833584388591494&correlator=827344962077767&eid=31078986%2C31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=4&didk=3402878631&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Daf164b275d895068%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_Mb_U1cJ5Mvp_sIHyth7saY9JpmuiQ&gpic=UID%3D00000d0addb43846%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_MZZar9erS_9Hq4PhvppKyNFJfUjAQ&abxe=1&dt=1701719523663&lmt=1701719523&adxs=0&adys=1811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=AOrYGsn6F5ZCZVBAGMKQ_Dv8Iy-iyM2mOW8SAIS3nylG8wbuZh_f-hEdeK99hove4QocbgH2d6GFq_P0TuX_67cBAnXtE0NK0buuKv9NjrRp94t7kWoOu8ZI-tY&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1159973258&ga_fc=true&dlt=1701719518708&idt=4269&ppid=62bc37ef75f2e1f43a262e073f4e3103&prev_scp=category%3Dall&adks=3667654068&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f099332b196217005707d477a5486f533f1259bb0dc205fde5a996f6e6fafcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13020
x-xss-protection
0
google-lineitem-id
6130918536
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407608043
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYlxFYzgQxgl09vVRTba4pUa7PwRJeOcwvPaS0m9o_e5ypOCcPQGRQl7kj0rnYKADy2fiyCEi45XQrtuKDkWAsxzdjXwjJxTa5pMBAxDk-9RlPXEccGmhPp44nL-3uUMG8oYfg3YHH4iVt4c9ZtXWv9kjZ8DGoLtWIWUc9zOsT4wTJWBP26JZokFjL2zVj9L0lyLe1UfLVKylDo8rR4BGAoJcdiWI6xsmTDfPgMVVnI-JjBdDYw95kNrZSJO9-6etU9g3Tr8Da6PwwZ6tENI61AqmCah0s6quAZgH49A35D4r72O_9hTh4RN5pUOeRiUdrOgxfEA6WjU6upjtO-BfcEMyZEodP3piE2iX6cMR__Rd20Q0kLPGN&sai=AMfl-YSQsyVS2Wu6aq6gNMywzRsp-A8c6Zid-Rd-VIr5G-jS2Sr2TtHaUQ8BCLXp3j9OjLO_qWLsfGyvLX3KiuXsiXzIgunTiYxCUI5I62_BAgR70c19AF-XPMLSVTF_wyXyMPfMuXhdDOD_NZEFFfCRWamIZgGBPkEMXSOwhA&sig=Cg0ArKJSzMBdTabYeg9XEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7132 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:03 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 47CA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
989
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8306966ffd34450a-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Mon, 04 Dec 2023 23:52:03 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AC38 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40433
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Dec 2023 19:52:03 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4220, 344343
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230060-FRA
X-Timer
S1701719524.856693,VS0,VE0
pd
u.openx.net/w/1.0/ Frame B6C9 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 04 Dec 2023 19:52:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
o_1hg7tns3q6p619qn3o57ah1augc.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20231127/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20231127/o_1hg7tns3q6p619qn3o57ah1augc.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.58 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6a8b78fe3e49244435de404c17af47b10b72e564b9c2e0adea38b74d8afd6946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:22:53 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 08:18:42 GMT
server
Lego Server
age
0
etag
"656450e2-d4a9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
17107764188323481848
accept-ranges
bytes
content-length
54441
expires
Sat, 30 Dec 2023 17:22:53 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1078fc0700293c883480afa0e37927e47fb670ed44dd1557f7760e2a2b3bf6f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-zcolgfgvh4rkIRFiG46mEu9SEL8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 04 Dec 2023 19:52:03 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.sanook.com
location
/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833584388591494&correlator=4403180005426517&eid=31078986%2C31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=5&didk=4218483591&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dcdcb781ea30632fb%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_MaXXPEv5VGXVYpBxZTgUbQAWO55Sg&gpic=UID%3D00000d035bd3f5e0%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_Mb_b-InHcgT2fCBfErxiqS4cQEbtA&abxe=1&dt=1701719523790&lmt=1701719523&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AOrYGsn6F5ZCZVBAGMKQ_Dv8Iy-iyM2mOW8SAIS3nylG8wbuZh_f-hEdeK99hove4QocbgH2d6GFq_P0TuX_67cBAnXtE0NK0buuKv9NjrRp94t7kWoOu8ZI-tY%2CAOrYGsl-tyCmtJJLAvxLYFmGjKMY-dbnr4w9cZuZNIzxQS9txbc1TEAe-Iegr57tm7maaR3y80GU76Awg0v8D4C9_BiAOyXL6aey3JYvtMxwLhXItw&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1159973258&ga_fc=true&dlt=1701719518708&idt=4269&ppid=62bc37ef75f2e1f43a262e073f4e3103&prev_scp=category%3Dall&adks=4033539290&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c907c63bf68b6afa5d3ca05bcce173900762e0eb58c0fc0b8635f7e4ff5dd82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963849/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963849/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2a22f4a574d31e44b39a6e5a77a1e83a32d8e49dce88acf63eaec82359a9dc2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:28:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
10390429172387573936
accept-ranges
bytes
content-length
9613
expires
Wed, 03 Jan 2024 14:28:13 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963689/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963689/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c6213aed1cf715e47b28ccdf8a0539c3572673e48da4c093084257c180f7bd01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 08:51:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
440
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
17465233912033459501
accept-ranges
bytes
content-length
6486
expires
Wed, 03 Jan 2024 08:51:27 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963825/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963825/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d930d6c143a80df7207da19ac3aa05424b6466384ac5a6a64930c8f36cc799f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:32:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15055706138677539227
accept-ranges
bytes
content-length
11493
expires
Wed, 03 Jan 2024 11:32:09 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963837/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963837/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ed016889af6611a1a654e039e10f0aa66285d68199af13ec6bf33ee572757caf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:57:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2723785724889280883
accept-ranges
bytes
content-length
8098
expires
Wed, 03 Jan 2024 11:57:32 GMT
increment
id5-sync.com/api/esp/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usync.html
eus.rubiconproject.com/ Frame 095F 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Dec 2023 19:52:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9e8632bb62cb8ee4fccbcbcd0baaefc4e79f47efb981606d4ba1d6ab499687c2

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.31.44
access-control-allow-credentials
true
content-length
60
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ Frame A3A8 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
33938
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138259
x-xss-protection
0
server
cafe
etag
16445146976575771301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Dec 2024 10:26:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjston9rY1GuTGleeq2Ok8OTsag8--yuIybrV3HLSqAytRo1LIKlaDYGIUefryOiYOHfxje4YGrgo-lVdmy3yHlW7ZbxooJyhD1nphTBC1ooVV2C0B-zD92ZWgJtzgHNH68OUH0r_oHQArdwF4Yn4_CUL1tlRzMzqzxng5khOmIq9Q2MIVA7A9advm1ikNh-S1IUevDdL5iFlYN9f508C_g13tqGRQm-x1yXCFpGW6MxAXjkK1x7_PQzKPzq0-O0VYQR0xvKQJ6EEZFmtjdJKgyQtw9kHb_4pOFgAW7gBa3eYRHfnQeSZP80oDZiUbM8NpCa3NBzvKfbIf1jLcr0wgmqpH0xoFTtKIJ-aJPZ1NTZwxrwS_gJthx6os7M&sai=AMfl-YRRrUBYUFKOFzayMB1bE-csAKr3o-nGw7VfF62rBLHqX2oytAmnMfX5rm7kbaqR2CHjphuMyaLC5xrP1kGC7W_ZJNdUip98dzUjW2sg-oetPsNOfYhqmgwHKG3I3c92H-k2WocmxK7MUTYDy-9Wid63vkQ8sT_Z2zHyyw&sig=Cg0ArKJSzBu9wKfDIU8iEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Dec 2023 19:52:04 GMT
bounce
ib.adnxs.com/ Frame AC38
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:04 GMT
an-x-request-uuid
caf72996-014f-4385-b67e-b5a0e2f0deb2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:04 GMT
an-x-request-uuid
15870ab9-bbf0-44e3-b0d4-15d0eb475c17
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
555(2).jpg
s.isanook.com/fi/0/fp/392/1963585/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963585/555(2).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
233b1c7a6f5d9b182a9588c039a58a1787f1d6c8f57772079a63626cdcdb62e2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:15:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15478323232681717453
accept-ranges
bytes
content-length
11749
expires
Wed, 03 Jan 2024 17:15:19 GMT
page.jpg
s.isanook.com/fi/0/fp/392/1963637/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963637/page.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a6c1a4a64cad91138cc2da2e26ea2d61cea09ec4ddb93d818bbaf8203d0f8782
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 07:06:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
532
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
17978531003563570675
accept-ranges
bytes
content-length
12221
expires
Wed, 03 Jan 2024 07:06:15 GMT
15.jpg
s.isanook.com/fi/0/fp/392/1963797/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963797/15.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d54717b34b981fbbc941323dfd3391ca43c7d108296c0a3a4d7102c89ebb393a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:09:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
85
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2029274721429866331
accept-ranges
bytes
content-length
11312
expires
Wed, 03 Jan 2024 10:09:24 GMT
4444(3).jpg
s.isanook.com/fi/0/fp/392/1963625/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963625/4444(3).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1b756182a9188a34ec0cc76770a9384ccb2672d98d4091bc97e7b6072a352b31
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 06:49:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
350
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
3682795853396159323
accept-ranges
bytes
content-length
9899
expires
Wed, 03 Jan 2024 06:49:00 GMT
container.html
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DFCC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Tue, 03 Dec 2024 19:52:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae3934f007c5668a430a121ae41421d6085effc72f612252274076e97497441

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
830696729fe06a78-TXL
content-encoding
br
content-type
text/html
date
Mon, 04 Dec 2023 19:52:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi1wUHS0dMzSrBKe30RgN6vWrZ8bFre596fCG9hrfq00wHfhTWTcXzCTDZ5P%2FhVfnt19yKU09mYCGhD4Y24bOAjOwk%2Ff9CPrex1LOWUOqpz95oARseouzQflq6fm%2B7uLF7D4SPO2Rsh1Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83069671ee656a78-TXL
content-length
0
date
Mon, 04 Dec 2023 19:52:04 GMT
expires
0
location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dUfeLwqDfZdCIn909xyr%2FrAnG6Gn80uchpXupHtV482E5s3LDNbuyunlximjPgm1vL%2FsIop%2B%2BqNT7IGLW%2FRAjrqFyXe9efiILY9H6pSC3zC1iNxeVQdd3If580S1xq9klJRwMc8wSrasA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 095F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dada31613ec07643549dd0ba2fccbbbb2063c5af7ddd3e2377c6cdb5ade0cc04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Dec 2023 14:03:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65496
Connection
keep-alive
Content-Length
13236
Expires
Tue, 05 Dec 2023 14:03:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A3A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLAknOn9I5uJAteYOZKXKUyAFq7jF1PJZ2m3X2uWM7uLTOsjkKHwFZD4PZVBeYtg52FM61v02RD0BcAoNMguIgcMifLtGKfJw2MrY_ZTylyxAnFZnkvs0ZJluEBztRKokZI4mm1nAa_jfSmSMB7Eahw4pztgagvbsacK-IIlyQed4dH3VrLvaBjeETl6jNjPiHeN3nvMtbMlYbmqjTvrZb0Qasyaj-dU6bBus2T3_Ql7H5Pi9C0YsdmwmXinuiqs8O1iA9I6vzntE4_fYk_CEEe2EKS_Qujak5n8WKuvNz7zRdEITnyCKIUnLHo1CGPQCxdT0CQs1IejcZBl5Wf6w9rg2umqdoQ3Au5pCz97jEODKbeug&sai=AMfl-YSmEj58s0iVC31Y6leHVcDohFy7Exjq6gHJF3uKRed9RkQ3VFFZYEkr1Fj0RIjMHe40LvGcOdsD7NXPPoWMz2TirDO71fPa_mc30lGvZBvESS_-zU7_coJEEceUYhcrC0SP8OblhoGMRSbOuDRc6217gpnhzCCu43ZU8Q&sig=Cg0ArKJSzCYU6-Vs11SPEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Dec 2023 19:52:04 GMT
container.html
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D62 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:03 GMT
expires
Tue, 03 Dec 2024 19:52:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A3A8 		946 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2431512832835613&correlator=4061885205469813&eid=31079960%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D46e7cf4f5e699ed8%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_Mbtm3lrg6Ht8V2hHJ8Y36o6hHzS7A&gpic=UID%3D00000d035d091fe5%3AT%3D1701719523%3ART%3D1701719523%3AS%3DALNI_MYrNrBlWlTBnnrtNXiZwlNNFW_yCA&abxe=1&dt=1701719524232&lmt=1701719524&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=74u821xoxj3z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=991902406.1701719521&ga_sid=1701719524&ga_hid=1497601669&ga_fc=true&dlt=1701719523642&idt=486&adks=178697795&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac2bf451821bda8f8efa7d6de2fd8a4f21b3072e9a9f3c38cf0743c5d75b403e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98259
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A3A8 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb506a1d640d7702dce6efc99b35de675edbc65e5aeef96d547ab17105d1e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12135
x-xss-protection
0
container.html
b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:04 GMT
expires
Tue, 03 Dec 2024 19:52:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DFCC 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
18498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Dec 2024 14:43:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DFCC 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d46bd0a0f0623955233a460eb68ae79bf67f4042d875558a2fc3fb3fb07e316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29943
x-xss-protection
0
server
cafe
etag
498 / 19695 / 31079874 / config-hash: 17787931357026562509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DFCC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:04 GMT
khaos.json
token.rubiconproject.com/ Frame 095F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 92D8 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 04 Dec 2023 19:52:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5B21 		167 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a5cd3e23b9b29562a2d2ff57f920e7c30769c2bbe8c778206191bee884c61f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XQlInqGeomRNV-vyMoVNsqgEaaXP8kUEb4xWloaJp-kZqkxz9EabC-2Ob2RcCktKtlScq55juuKdeqoDQw8Qv7P2wIC2HqhUarN7EGPhzSx7a9HnH2Evm9f7CNOTMTPrdIQBkq0ok7PAT8OaGMFd01IQspJmZyb-EqoSNoEqUr9hEEDWsZ9bg-5n3o9OQHNlL_jAiCZsNWXEWQtNhO9Y6NOmx1Vu0cucZXGs_EZ8gA6FwVNC0RWcueiZhKo"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
67807980
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2D62 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
21635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:51:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2D62 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
76829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:31:35 GMT
l
www.google.com/ads/measurement/ Frame 2D62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_r6sMsd2CnZS6P8HB9Zj-pRAZXciOeq9CECQfAGFE8Sg_78_CTGXfh48sc2RDu6RnVg4k
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2D62 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
18498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Dec 2024 14:43:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D62 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:04 GMT
crum
dsum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZW4t5IQOUnz3InHztUa7WgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJw3pnDq98KxZm1jTDo82YI&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJw3pnDq98KxZm1jTDo82YI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg4jTJuTxUDWLHe54muEjUmeddJowa1Zui3XWj6fmM21qt3ihsbuLHmhWRBcq2GGg1fSvCxYBeb7%2BKgqVzn8%2BWxpTIWcoKAI7p0tpQsISYrRPnK4%2FH6Wk76muz6Ds6LW0nnfGvD5YTpjug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830696836a1c58de-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJw3pnDq98KxZm1jTDo82YI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C423 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW4t5IQOUnz3InHztUa7WgAABMAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBnfxHamNF__tIMQo12qLNo&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBnfxHamNF__tIMQo12qLNo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT2LPQvleJupF6aYa1bm6Glc4rxAHVxOwBP4BmWYpnDOZKUcLXpWNFmdj%2BzGpvalPr43HChydUMoCYGgDVzg3rH9JOOHGZr5XqL9W1F4j4m4OjgrWU5riLYpFsp84vr6TZ7EN4qXjf%2FxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83069683095b58de-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBnfxHamNF__tIMQo12qLNo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame C423
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW4t5IQOUnz3InHztUa7WgAA%261216&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW4t5IQOUnz3InHztUa7WgAA%261216&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b6cb19132eaf447eaebe3cb6fa44d3c8
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:5c53:f7f0:1386:5d9a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a4-ozuI0FCEByzEQR66H_BrO5GVwTLT6isoPGw
Date
Mon, 04 Dec 2023 19:52:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
crum
dsum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=9d9fcb00c392d8852zakor00lprbv8v0
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=9d9fcb00c392d8852zakor00lprbv8v0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2c9xnxKTZgvoaQVeHwilKDNeZgkwMvqH1GnKF5PeuVd7JuLOJ3zIjwmZWN3fMQ%2FD2mDJO%2BTmlH1Ak86CxY48gcs3%2FU5ZnTVOeai7TKYrtHBLLNDsQJbK1VZzzHQH2oUHI6vh5miIslFww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83069683095e58de-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 04 Dec 2023 19:52:04 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=9d9fcb00c392d8852zakor00lprbv8v0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demconf.jpg
dpm.demdex.net/ Frame C423
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.51.155.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-155-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
ai4H3ZFORwk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0a8662b63.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 04 Dec 2023 19:52:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
+iUD7RN2Tpw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZW4t5IQOUnz3InHztUa7WgAA%261216
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E9DBE17703284C178397F81EC2CE2B07
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E9DBE17703284C178397F81EC2CE2B07
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvI6snzSCJwTm9plq6SmyztwHGVLWOhiJjPaD4gBQWuoW%2BlUTmqheSE2n7NIFvNB2Wimhf2jC8J3gqAIWouFTvh9dRrpNzuBEb1xhsabzWrJyQ0XVMgV5KUc18%2FaYVUg%2Fzu3MK3Pa%2FnACA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83069683095758de-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 04 Dec 2023 19:52:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E9DBE17703284C178397F81EC2CE2B07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Dec 2023 19:52:04 GMT
crum
dsum-sec.casalemedia.com/ Frame C423
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=384acb92-6d18-4fe7-ba6f-dd4cbd662f3e
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=384acb92-6d18-4fe7-ba6f-dd4cbd662f3e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyips0BHyqoDGKdD9aLR1v6OL2sq1BVXW2T2oRK8aFqjbjE3zb6LXTJi2P%2F1SZkpNU0y6EqyiKeeuJbhXm0IU7EQW3Qfn8x4CTovTa1RRbvQJR2ctbrafxTNmENqn3JK%2BP1nf3rzM0q7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83069683095258de-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=384acb92-6d18-4fe7-ba6f-dd4cbd662f3e
date
Mon, 04 Dec 2023 19:52:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame C423 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZW4t5IQOUnz3InHztUa7WgAA%261216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43767
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
830696735e59450a-TXL
content-length
43
expires
Tue, 05 Dec 2023 19:52:04 GMT
/
avd.innity.com/dc/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=ac997496aecd2d0ec726587422933dfa&cb=1701719524350&douid=&sess=161253165.225.1701719524346&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 19:52:04 GMT
Last-Modified
Mon, 04 Dec 2023 19:52:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=ac997496aecd2d0ec726587422933dfa&type=cookie&itmcb=1701719524351
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 19:52:04 GMT
Last-Modified
Mon, 04 Dec 2023 19:52:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F22F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE62GIl6SQEQBsE-mt2RpS-8avuioPGVTFaXRHnmahOohWku2V1e3LmQS3fwdjGEMSsxKCpKB6ZfQHltSgQHW8M71LO2mucOog4Yb_r3fNdhyx65kpYUHSY6igWjGYs2RcUoJO9PqdTTTTRsMVtkCgZLCLj3TtuR5SOoE5QGkM8ppJB2DZUGPrO-anUw2ZwW69cJWbydwCxTdPBk20S2_M1uOppT2WhVocCaTiScUN99hzQUfqKRjniLGkbhM5yE3U1X3RC5SivxTEB6FvUt6vTabB0-aRiwT2OJ22zQMY96BW-LndSMCzWI_37i4abuFguQLn6Mygk1tgRJsk&sai=AMfl-YSMXCtDs3qtwjT5iVzV1wQ_ZY2qDEhBGVOJkOl2jrnLPH51y1epyDh3I_-tNNzm2sZaXkB8VX4zZPrnKQVB8vd4P9JyP5u-X2A32y9edjrkkrLX1DLNy1MsgPUQMGhUIOspzbHETiYq&sig=Cg0ArKJSzCx7bSdyR2okEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
rtbdemand.apiip.net/api/ 		169 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ec8f39a3f88b0cf3a001c5981eaa32271f80410cd9083561955c48fc2a0e0638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"a9-LrfZrCEK9W56VZ3zKBK0W44AR70"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
83069677b8069b25-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:45:27 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
399
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
yf6-J9vVCSwL55xoZv5sXu3v1VckGzbmSq81Ml5zNDs9OigTXTA2_g==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
2983
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F22F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A3A8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:06 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5B21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:06 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5B21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5B21 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 28 Nov 2024 19:52:06 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5B21 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 28 Nov 2024 19:52:06 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5B21 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Hggb3onIsWVZ8cvIipgUU9wqMATJRIe6eQsEOIgjyZM4dpVD2GIx4jFjpG66M6xvJCU0Kr-y09ia0tyLbpzf9qoZ0ECocnOliDK_-SvST_8_RwAnu4YPtHcShBq9oZN3OtyJluNKh5PcDWouAYJBLE7W1oaIoHHrpEF5stkmPWq4SUqblAxqOMiVpy_h9Avys356XYL8_ORPTBOtoA2Rn-BTHeN_dfY0BfrV6pcO4DcYst0lipoTIlxtIcBCuwcHZylBtpI3FMPqes_FRnzN7Oi9tQ2hrlNoh8yIPbfggO0MCcfWvS_0LEZrmiQrnhEEswme4SuUp-CvEuf7NzTSAF3UO93KixS4Z_8h1FfEjTADJje2PwOB6-PqHNxEOj4IIpdib04uw3rGGP-tsTmg0tFn8rrrdLisPiKaggV_cZsT9CxA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9087004
expires
Mon, 26 Jul 1997 05:00:00 GMT
ai.aspx
m.exactag.com/ Frame 5B21 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=656e2de3a7a44b4d471ecee682f729f9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:06 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 04 Dez 2023 07:52:07 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1051
Expires
Mon, 26 Jul 1997 05:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.7110561054918227
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-PPnmQAQneXuItbYBTD7I6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-PPnmQAQneXuItbYBTD7I6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.65211749355251
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-U97SaA3JGs0SqAXvlixkzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-U97SaA3JGs0SqAXvlixkzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AC38 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
an-x-request-uuid
9a3a02d0-0bd0-4df9-b400-c7ae47805b00
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Dec 2023 19:52:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
252955
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
223380
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.8.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-8-15.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.6.147
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
0c9eeaa47634a16e9e7c0ee8f74dbb188d7e4bcfd367666569ac9c22351743bf

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 03 Jan 2024 19:52:06 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5B21 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
324439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v17QQ8YOb82joVrl6mKRUkHQ5RXoI%2BB1SPTzs49VRYEGD0GebUKH%2Bb7fFv%2FNJ6eqx%2FByXiJ7hwbb%2FPrsVhaBYJWwNR4OTd4MfjTw9W%2FGQIsc1LBUVOPL08tDKvq%2FiVMdVtJjEBdvxOcWyBDxphC5TwxQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
830696840b5c1e20-FRA
expires
Sat, 23 Nov 2024 19:52:07 GMT
animejs.js
static.criteo.net/animejs/ Frame 5B21 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DFCC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKxQUbt0SyGjrYNuRbVyDEO_omrqJDkdoKvi7NpD32Rgc5GLBXnGkl5uJ-gmakw6sYace90DT9F9PF4hIDBgdYOu-rjCzms5BkD_-dEqVaFFvliyEUZ_cNB_LSFtGOMDi7GugdwCLB87ot4ex2SyaDOVpGYkDOxMrx8QcBh8hCQ0p4kqKG80tAXCN1tcd_WOnpAy4mXgzC-XYZ0CiuuHveBGqDBE7ZCxFMGUnaE-2CB9tEdkdQ3tqlM9-SX2UMIPTvh_B2Nv74Rz91_XPVSNVWrHJd4eloKfFm6QIwGpjWaSOyv2prevCF2SZedoBjdXNGSvm6TIhVO_AggiXQZNTHJoBTu307-51_NgjQ6EpbyTH9hL8uLk3Ebvoq4yMmUZn-qtM7Yj8pR7A&sai=AMfl-YTFw71cDn3-w2MOBHXS5ei-ApUFFBw9iZ4Bo0fCb9zpIpY0V6DFTYCg8G2qq8vVZ7WfD-tdbLG-x8lkA0RSMIPYzDLViOgAOvAgXGXxDi-Vdes2rDuuJ59iRevNHV-o6t8Mu0bzDzAmQ0JhNCFPhmR_ppQjoSTM8Z5wZg&sig=Cg0ArKJSzA-B1qdJovZDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 2D62 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbfca8f62f4d47d18aac3a1e3ef093fc746cee5fb2dc112f93f6faddfb11e575

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame 5B21 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 08 May 2018 05:53:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5af13b73-7bb4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&rid=4&s=Gdn5MknGv3pijidEoEQ3S0nP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fc6eb13198c4d3141d5a302a50f3e3b6e69bff1099894f7f435161579a72571a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11288
expires
Fri, 25 Oct 2024 01:42:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F5070249%2F6d4ef7054d5947399f835a37bf111969_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=6DD-LBaHDMvehhHES82a-kfQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b2838c013485964dd95c878559dfc6b84932e1bc3d58d7e37b32bb63c5e6e222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
51044
expires
Sat, 09 Nov 2024 13:49:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F7%2F100150066615000_0_1690794469930.jpg&v=3&w=400&rid=4&s=ZNhz2aexkpaRRmG2LNrg2pf7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5f15dd9661e999d7365a0243aae5bfbd736d36b11946dc72825793ee60b1ddf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
9644
expires
Wed, 07 Feb 2024 16:00:58 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100149771715000_0_1696487527867.jpg&v=3&w=400&rid=4&s=GMPxh1tfTxSS8mM8zWjNDaaW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd591de37c3cfc80aae4caf27152103ab575f78bd92193556e48c1aeb728e0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
3892
expires
Sat, 03 Feb 2024 15:49:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100149777614000_0_1694761417946.jpg&v=3&w=400&rid=4&s=GOKwrkqJuL7zLC8JO2seemQo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
217363ba16ee2d4ec1746e88286ee68b9e4f747caf06142a0eaa284f80df0c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4728
expires
Fri, 16 Feb 2024 12:48:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F7%2F100147959919700_0_1689763708387.jpg&v=3&w=400&rid=4&s=9sEb4-7vFbUW-wWztsaGCmtK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4aac1e1978094f35833eee36e824d4efdf0c16a38086db318c4586c41bc79312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
5718
expires
Sat, 24 Feb 2024 16:10:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100131711115000_0_1652997225420.jpg&v=3&w=400&rid=4&s=Wmb4Z1MCv13n280V2u5r0cFg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef5f338df7591ca6ce59e1eacd77e870502cc909d36ff9b1c3c4ec06f10a5eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
7388
expires
Fri, 09 Feb 2024 14:45:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100156585517500_0_1696835882914.jpg&v=3&w=400&rid=4&s=clz8-6Uqo8249Hz8P9gKzVHZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
832d3d6a92e684c30eb9f9c0f4187545cb0c103645ee7c3f4f91cb5f4d46ffcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
5444
expires
Thu, 08 Feb 2024 15:55:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100148094012000_0_1696006185412.jpg&v=3&w=400&rid=4&s=k3gENIE6VmSqNF5-RTKajHzf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2efcf16ce3beffb541c3abb00625ea8be7e0fa53ebaa3281f921bd1a87f546af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4418
expires
Thu, 01 Feb 2024 10:36:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F5%2F100072833215000_0_1684738012939.jpg&v=3&w=400&rid=4&s=gHSIC9G9Wea6AYYwGH4bKpL0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08097c2c1e613cd4b5435630303c93434c5357af43a23228630da634cc010697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
7272
expires
Thu, 08 Feb 2024 14:11:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F3%2F100147132418700_0_1679651139882.jpg&v=3&w=400&rid=4&s=dblVvJQxGGEYxFCp2_GW_rtF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ab9bf5356fde4d0a883d300594d2cd45afd6c6202955fd68e3a11a660b7f6396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4904
expires
Sun, 25 Feb 2024 07:41:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100150068819700_0_1694075488794.jpg&v=3&w=400&rid=4&s=c59VnhUq2MoajyjLhdnDyYeL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8985002f268ae0e88a430ffda3a3d906a6f0c08efbdca65bd86922e046a5118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
6118
expires
Wed, 07 Feb 2024 09:11:12 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fs3li%2F1122x1536%2F16%2F12%2F100054296613000_0.jpg&v=3&w=400&rid=4&s=uiTH-JjjL7GPRFS3Ul9Smsdq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce7efaa2a22ebe26b1804d276a8dfcac9ef2d536df967ddd924e6f4fd1b0afac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
8280
expires
Tue, 06 Feb 2024 12:01:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F11%2F100150784313000_0_1699367423044.jpg&v=3&w=400&rid=4&s=YVIgs7EBa66x7vM3zitLHaWI&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b789d55d1e8e6bf830e4febf3d2203899395d153deb08979b807923fa2fb04e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
2630
expires
Wed, 07 Feb 2024 09:22:36 GMT
all
csm.eu.criteo.net/ Frame 5B21 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XQlInqGeomRNV-vyMoVNsqgEaaXP8kUEb4xWloaJp-kZqkxz9EabC-2Ob2RcCktKtlScq55juuKdeqoDQw8Qv7P2wIC2HqhUarN7EGPhzSx7a9HnH2Evm9f7CNOTMTPrdIQBkq0ok7PAT8OaGMFd01IQspJmZyb-EqoSNoEqUr9hEEDWsZ9bg-5n3o9OQHNlL_jAiCZsNWXEWQtNhO9Y6NOmx1Vu0cucZXGs_EZ8gA6FwVNC0RWcueiZhKo&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5B21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:07 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5B21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:52:07 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ Frame DFCC 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
76832
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138089
x-xss-protection
0
server
cafe
etag
6648938400208870771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Dec 2024 22:31:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F22F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-uAlf4Ef_7LK1cmwJpvy4VdB_Np-vbNq45uTNHyfSkpf0xP0NSiSI0wsCnSjgP9ID8jeR2iTw_pD9W1g0X99zqpK1Xdx-0tcj1TvBLv36BxFMoufB8cdGuYDjeENPTp0ZzlKqy8TXIe-7z6Bu6HBUdclyXMI2SnytkEhw7aGLd3gik2ujRF3OacBVOlYdt-TdN5GNKX9bqyv-zyoSQshmXUmu_cOlJLV-DJHnpGx8lD0ZEY2wvVj1C1VZ_ktlQoBSYF3uTi4K4VkBbKgD3972ynyHBGfEXAWXekJ3tCaKA0q_guzMWGxJBzYOerx_h5hxUI1V_-shtoJCxlZ1_YI&sai=AMfl-YRzyeKX_7ehvVHs7a4qKW5ibo_bM-P5qgqd2-nfTT6ZFdXCgysIwNCC9fT_9TkHUF0ZyrUQcdvCoeiAhPHMNmFwymN_oCT8wE-lFB6fjbbgbR4SNTBmd5SDRqqGSa6T07pwzLN_1QGA&sig=Cg0ArKJSzK7Xng3TkoxzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Dec 2023 19:52:07 GMT
AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_0ERQd05gdsRGUJVK1WctA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-_0ERQd05gdsRGUJVK1WctA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
13f8d11d1f26bafa0412af09d06db89861d8a73907791447389d4dc2d5b8c3cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
truncated
/ Frame DFCC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff9185c5b6810c6b41e2307e9da707adef8637c795a85442e8a14bd9b256c78b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-129.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:21 GMT
via
1.1 bf57ce1929fb438631e46b2c83b05e2a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
46
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
fMuHx9JWQfLREuuEZttg6JFWAjJ6NK-ZylymzDc4xu0uAXT2xjPnaw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 16:21:22 GMT
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
12645
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
Zmejnmr7IxndAGkzIkJxF2PfImMGfkJH89rCTWEL4Y4oaL7g8g2pyQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
date
Mon, 04 Dec 2023 05:24:49 GMT
x-amz-cf-pop
FRA56-C2
age
52039
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
uB0LXOwvVOGnz7bUefUbfRCQEjFrbctIsyXTQaFaQOhNYs-15qba3A==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECC1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BBFB 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e0133ad069dd9fc510b0c60d829f208f017e3ce216ccadb81472efa42c1519bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yevW1wO8k-hUQ2g0p_mzVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yevW1wO8k-hUQ2g0p_mzVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:07 GMT
expires
Mon, 04 Dec 2023 19:52:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.239.88 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-239-88.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 04 Dec 2023 20:07:07 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-33.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 02:08:58 GMT
content-encoding
gzip
via
1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
63790
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
VsK9zRJ4tJiwSiqyviM7Iqo_tTwfxJNGRJcHN4UFy0BFzXAk9GTGqA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01C975WVAA3JDKHJ
age
1154
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83069685accc8ff5-FRA
x-amz-id-2
hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
0P6Z0AQG2DYRPXSW
age
397
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83069684f8dd90fb-FRA
x-amz-id-2
ABUCm9Q36x0qdl6LOOGaEXIszCsibZlNFv89npFBWS+ba3kRNZDAhDsHOeIqILxaSOfwP7z9V6c=
view
securepubads.g.doubleclick.net/pcs/ Frame DFCC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshEkUXAUzUbL9PqBP-FWqFiIvvIUjyLCkUsiO5A1IeBidWWkHVdEMJG7BzpHbvEege_3Zq4gnpHcq5RdGpGIBXMNJTi2V7l2jWk2iTLh0KCKSb3j4s4mEyoJLxaWmMyw8a1i2ebbT0NSqIl80U8_kjiv0y5XHWbOs_jdIVGaRx0Ke5waeD1Wo5rC9_Nxj7xTY5R60vBkR37e0ts4M0QtRs6mS1ljDWhhPMFhzHlxKl60365yR_1GHU7IoXDrDmNw_h24OqN3jBPdNP8CY0ZHNGAz75vYPG3XcNXArqRm0C52ftOy0_4TraevEcnJIflzV-B9CVcUT9VG2T2neoK03vfzXTEgPiTZR307h7_shERicZ5tA9ljR7-ywe9kXcCdMK_n5S3iPWoFIHPg&sai=AMfl-YTOSrKki8rVGA2ZCF_RTkG5sKXrEhE8Nmeu8pH8PXOvbZCztBLbrmNlddAXBNv7tqBfFOQ1MwLgWIH0LvuxGL9Ht80E-x1ZmdWcueP9A4z361yxGDKyS1pdph2hkfS3mkQHO5RzqnAyqogwg76XWFBD8aHsImLETOGhDQ&sig=Cg0ArKJSzPq47cPWoVQBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Dec 2023 19:52:07 GMT
prebid-custom-richaudience.js
rtbpass.andbeyond.media/ 		602 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
9RS60E4ESVW64HVV
age
30
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
190838
x-amz-id-2
Ma1H0/Ffn3qRW9D28FhNvouBktCPR7ftx71WiuvoYMyIJhhYjHNoFCmbuY4QEeE6GZGpfq/Rx6o=
x-served-by
cache-fra-eddf8230104-FRA
last-modified
Thu, 14 Sep 2023 12:35:17 GMT
server
AmazonS3
x-timer
S1701719527.303022,VS0,VE2
etag
"5557f783869e27322374ad505b755076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100149777614000_0_1694761417946.jpg&v=3&w=400&rid=4&s=GOKwrkqJuL7zLC8JO2seemQo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
217363ba16ee2d4ec1746e88286ee68b9e4f747caf06142a0eaa284f80df0c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4728
expires
Fri, 16 Feb 2024 12:48:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100149771715000_0_1696487527867.jpg&v=3&w=400&rid=4&s=GMPxh1tfTxSS8mM8zWjNDaaW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd591de37c3cfc80aae4caf27152103ab575f78bd92193556e48c1aeb728e0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
3892
expires
Sat, 03 Feb 2024 15:49:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F7%2F100147959919700_0_1689763708387.jpg&v=3&w=400&rid=4&s=9sEb4-7vFbUW-wWztsaGCmtK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4aac1e1978094f35833eee36e824d4efdf0c16a38086db318c4586c41bc79312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
5718
expires
Sat, 24 Feb 2024 16:10:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&rid=4&s=Gdn5MknGv3pijidEoEQ3S0nP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fc6eb13198c4d3141d5a302a50f3e3b6e69bff1099894f7f435161579a72571a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11288
expires
Fri, 25 Oct 2024 01:42:33 GMT
617.json
id5-sync.com/g/v2/ 		250 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e26fd6d81da78c22e7646364f04a929f11313b9b12e04c181efa03135a83f03a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame BBFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=2431512832835613&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame DFCC 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1525624108523641&correlator=2125777741957737&eid=31079784%2C31079874&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21710144538%2CDisplay-Bidserv%2CGAM-DSK-sanook.com-Direct-RSwPB-STDB-728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x90%7C728x90%7C468x60&ifi=1&sfv=1-0-40&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst5_rJPYsd3W-skRXiKA40hucJiB1vf9sZ5Db-Wt8r0RVueNGzEQCXkmIW7Gip8CKD076tkPSkjdyWLMWtB3J0A1Igq9lm67ryhlqP7HAfB6IEXlNm14Nl1g-3j6vhleeSSFaQ0nLLVyXb8pXx7NGJjXFUn91R_zL_I9mWBBC6d0OVXkaaIDUXMogEnbZTAzkq-NUG6O9RlkyBVIj9BRqdAE9uC_Y9JCKhBkcZq21PvCWstXzcdI6zxJ_y4a7L6k3y0AWM0Et2UQZTRnOGnPvbY0zxMOr6uhuepcZJkGyzYsTW5gjJljwIte_DtKUSCegtEqy2JlmNyRXlfKgw1EIWrx5E6jaANxllJWzZVglDE82kPdqKyE2ChFo_L8vM0Ow24MccnZGI%26sai%3DAMfl-YRw-zf4OSHkaDBmZ_RMlTKWfkmKFJAYMXji5fJ9XcZ2cCTe6v1vpg-0HdASkDQg0JmU185Q1r8RErcWJFgdjyJnqiSjndoSRtIv_uY71rnRWSd_9yN6MqfjH_Zh1Y_6IAypdeSFX2SpP-2d-bed1v3RNrBU7d8KlbVeNQ%26sig%3DCg0ArKJSzP05cFu3M9koEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&eri=4&sc=1&cdm=a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com&abxe=1&dt=1701719527237&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=728&ish=90&scr_x=-12245933&scr_y=-12245933&ucis=tprqq9xfb4j5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=sanook.com&loc=https%3A%2F%2Fa6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&top=www.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1643973249.1701719527&ga_sid=1701719527&ga_hid=1383494383&ga_fc=false&dlt=1701719524194&idt=2956&adks=3971943601&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62dd4dacff1bc09cf71f6042f5e2afb89b53db1333447b80def6815e58b324a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12391
x-xss-protection
0
google-lineitem-id
6358577706
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138443196181
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DFCC 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64cd311081260097d34f79b99498ee73fdc817a629f9d7678401317c2cd54dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12293
x-xss-protection
0
container.html
f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D79D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:07 GMT
expires
Tue, 03 Dec 2024 19:52:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame ECC1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
58987809fe0fc8b1ab3f236a1e9c03863b7a843cffc1c0b4b7a9b3896e371b17

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.12.119
access-control-allow-credentials
true
content-length
60
expires
0
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F5070249%2F6d4ef7054d5947399f835a37bf111969_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=6DD-LBaHDMvehhHES82a-kfQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b2838c013485964dd95c878559dfc6b84932e1bc3d58d7e37b32bb63c5e6e222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
51044
expires
Sat, 09 Nov 2024 13:49:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F7%2F100150066615000_0_1690794469930.jpg&v=3&w=400&rid=4&s=ZNhz2aexkpaRRmG2LNrg2pf7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5f15dd9661e999d7365a0243aae5bfbd736d36b11946dc72825793ee60b1ddf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
9644
expires
Wed, 07 Feb 2024 16:00:58 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100131711115000_0_1652997225420.jpg&v=3&w=400&rid=4&s=Wmb4Z1MCv13n280V2u5r0cFg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef5f338df7591ca6ce59e1eacd77e870502cc909d36ff9b1c3c4ec06f10a5eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
7388
expires
Fri, 09 Feb 2024 14:45:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100148094012000_0_1696006185412.jpg&v=3&w=400&rid=4&s=k3gENIE6VmSqNF5-RTKajHzf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2efcf16ce3beffb541c3abb00625ea8be7e0fa53ebaa3281f921bd1a87f546af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4418
expires
Thu, 01 Feb 2024 10:36:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100156585517500_0_1696835882914.jpg&v=3&w=400&rid=4&s=clz8-6Uqo8249Hz8P9gKzVHZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
832d3d6a92e684c30eb9f9c0f4187545cb0c103645ee7c3f4f91cb5f4d46ffcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
5444
expires
Thu, 08 Feb 2024 15:55:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F3%2F100147132418700_0_1679651139882.jpg&v=3&w=400&rid=4&s=dblVvJQxGGEYxFCp2_GW_rtF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ab9bf5356fde4d0a883d300594d2cd45afd6c6202955fd68e3a11a660b7f6396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
4904
expires
Sun, 25 Feb 2024 07:41:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F5%2F100072833215000_0_1684738012939.jpg&v=3&w=400&rid=4&s=gHSIC9G9Wea6AYYwGH4bKpL0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08097c2c1e613cd4b5435630303c93434c5357af43a23228630da634cc010697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
7272
expires
Thu, 08 Feb 2024 14:11:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F11%2F100150784313000_0_1699367423044.jpg&v=3&w=400&rid=4&s=YVIgs7EBa66x7vM3zitLHaWI&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b789d55d1e8e6bf830e4febf3d2203899395d153deb08979b807923fa2fb04e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
2630
expires
Wed, 07 Feb 2024 09:22:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fs3li%2F1122x1536%2F16%2F12%2F100054296613000_0.jpg&v=3&w=400&rid=4&s=uiTH-JjjL7GPRFS3Ul9Smsdq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce7efaa2a22ebe26b1804d276a8dfcac9ef2d536df967ddd924e6f4fd1b0afac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
8280
expires
Tue, 06 Feb 2024 12:01:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100150068819700_0_1694075488794.jpg&v=3&w=400&rid=4&s=c59VnhUq2MoajyjLhdnDyYeL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8985002f268ae0e88a430ffda3a3d906a6f0c08efbdca65bd86922e046a5118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=7776000
timing-allow-origin
*
content-length
6118
expires
Wed, 07 Feb 2024 09:11:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DFCC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusY0qoKBP9ydjOwXtg4cx5Q2ALScXTotm20_wblgEAWzHFM6UJ8GBlj0_ZNXNONWP2zacOFsDt7ZZvkvm5XKOMwIuAVNkw0w4eGwuhdV1uS4bZwTi_YzzLzEFwbwsozawoKj7W0q0WfnQBwH5RozGEgDpg-gbFVnHe6fJ5WQbUO50EkQ5HOw7OX-xet3rz3WXRnrshGXJGUIBirVFRHUn2JrYx9t1bpxhBO7PXN3rOJL3N5uS7tDCKOhQ4moHtTUUKQ6ROegFwAChlu_BkQzS6EEvs5vPYT-8kL6JO-IZvypxjHa-gFUqsIaTMfVUzcsDHNwYLAWbHrtC_AxkkW_SbdlqKytJDjqEyCg_vNF4esTEcy8kRy_c_lfZc1GdCwLoqAQ&sai=AMfl-YTWJDWE3KILAutUq__owzoV3PfC-KRJPWC-bATiNlXjU3Whj5ofgcBdJfU1615tCz5Ex5vV3zdiHWLJkcIG8o9-uCyV6q2CUziUdpeNwFwJfIwKATde&sig=Cg0ArKJSzOqyNiLQJ85MEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8F2C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3956b6c7e87de3d9e052814fa5ce9f6114e8a8e57b8ede79129808c26791180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10267
x-xss-protection
0
server
cafe
etag
15601466623005433828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:07 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8F2C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:07 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
830696873f2c690d-FRA
content-length
0
content-type
application/json
date
Mon, 04 Dec 2023 19:52:07 GMT
debug
OPTIONS block
expires
Tue, 03 Dec 2024 19:52:07 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		95 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33247e83dec1323d2ae9bc98565c27e5cef5f88de426ff218733bf8f7eeb05e

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
830696881808690d-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame 2D62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQMK94y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLMCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOJcgI72MSMMIqUl8emGSFuZsLuyLuchMsPt_Mz7SZnKRRiren53kOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA4AKA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAbIXHAoaEhRwdWItNjE2NzIzODcxMjcyOTAzMhj3gRA&sigh=K-nvSlK8QUI&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNtW8IDaHek5rRPcovVAhX6wcE5HOyZGb1AEhr3LFMX8dWgQq9jD2X6cB20OoWeofwjAy9XbtCeEtblxdB_dDLnBI42Ak7-uQLKBgB&cbvp=2&vis=1
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 2D62 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVEMc1rAL6AZ2DYgICAAAAWMDbM_0RL8RD1nKCsj9N8RDjLW5lhoBQaLto8sDLdQAAEgAACgpBUVVERHdFQkR3&wp=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&cbvp=2
Requested by
Host: a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
161874
server
Kestrel
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 825B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6170 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a77416340ef4d50c1ad457ecaba7501d075b9d9aa019b4ebac8147268aa4ae1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-psmCgI4ATzmZtE8hPrtDKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-psmCgI4ATzmZtE8hPrtDKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:07 GMT
expires
Mon, 04 Dec 2023 19:52:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Mon, 04 Dec 2023 02:54:10 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
61078
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
J_pnOCUBDFPG3mvo-jO2-G9EqE7Hj6jZtdKxLla4GO5oqpf3sDBzww==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8F2C 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e82a9a942df4d55660289375a45036be26234e2fb6e8ab5f20f3b725aae29ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52733
x-xss-protection
0
server
cafe
etag
12988307618757567092
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:07 GMT
truncated
/ Frame 8F2C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
907838ccabab2b1dc22f8614d985eacb86a04da9d97cf5e4bf8f5f02318e707d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 6170 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=1525624108523641&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 825B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
generate_204
tpc.googlesyndication.com/ Frame ECC1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c3GKyA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame 8F2C 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b63ca2dbcf9171f125880e9c7dfdd328c35b0e6ecf7e59ed1975421c1fc52b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137669
x-xss-protection
0
server
cafe
etag
12941834828250484235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame A055 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 20:59:29 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 20:59:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 825B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pZjYQA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adClick
fundingchoicesmessages.google.com/f/AGSKWxVGYd7HFFRPP67R0I_mv1e5q8drGHjAnDNS_1ojnNjfgEOXq_Tnk-yeS_EjXRF-khk2dwD0jTrCU3c8Yr3A9nzUycNyk3fOks1_3_8_qzbSE2eJYZ86cZvXG60vxR0dzCmysbvLb4bw-Y6vk4MzUoALONQpK... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVGYd7HFFRPP67R0I_mv1e5q8drGHjAnDNS_1ojnNjfgEOXq_Tnk-yeS_EjXRF-khk2dwD0jTrCU3c8Yr3A9nzUycNyk3fOks1_3_8_qzbSE2eJYZ86cZvXG60vxR0dzCmysbvLb4bw-Y6vk4MzUoALONQpKm4cNahtxkqlW-OmuaJ1S0s-ARNULr6t/_/adClick?/gafv_adapter.-article-advert-/ad_util./headerAdvertismentTab.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyq8e0qn6nX5sRPkThyv1avl4FeQA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae05b24a517641bb42f8acb28e27bc00e482e46fe4217f0fb85219909eccd4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aiZsE-IxZxHyyy_dFJpMSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-aiZsE-IxZxHyyy_dFJpMSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyq8e0qn6nX5sRPkThyv1avl4FeQA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a0cfeb3ca8a8574d1b96bb634739f2d33525dea2cfa52a958b685bdb597c594
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
1093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30708
x-xss-protection
0
server
cafe
etag
11528220969406544827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:33:54 GMT
AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gLkkuS9Cgif7vTKl-8y8kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gLkkuS9Cgif7vTKl-8y8kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514c143c87b367ad452e458535feba837f1c0201b38055ecfc1e772bd32f80e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 19:49:05 GMT
server
cloudflare
age
183
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8306968b8f9635e8-FRA
AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LKkfkhkdKHzEOqkT2LNvIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LKkfkhkdKHzEOqkT2LNvIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZIGoMtoX70a_Rw146SBw6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZIGoMtoX70a_Rw146SBw6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYLA5IQdyb3Og3x89WDf1IpJzFUvnyzApm1mistm0fsXtPctyhIlHQKsB3rDFr2k7TVgNwClRHpGzs8z0aTcWZKjcJvzyHaiQ-VTlKzqwt3L68R9A2ognGAVlNcC47YeTeJJLRQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hUGZJoN40hXrEMFn7XBJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hUGZJoN40hXrEMFn7XBJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUiIw_a7u8WDTGidgTdmQIZ5_O0SCUyKakDAksS3L-nmWTkQA4AUHlpc5yVAEd2MDU5SE3DUXSMwr9e8JIDntGqdg6W5QqliEn52ILUPhZHBX0citSrojsynNK6GDB4H4SyDZgeJg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUiIw_a7u8WDTGidgTdmQIZ5_O0SCUyKakDAksS3L-nmWTkQA4AUHlpc5yVAEd2MDU5SE3DUXSMwr9e8JIDntGqdg6W5QqliEn52ILUPhZHBX0citSrojsynNK6GDB4H4SyDZgeJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzE5NTI3LDkxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwicDd0X20yb0dwOFEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18b13a0b65233357b08c5ca8f983a58413aab4f131896e3c245146f082c07332
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XYMurRbjCZHUzVLq6F80mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XYMurRbjCZHUzVLq6F80mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNlQ1d4AebNzh3ILggAad5kS--RScFplCG6Ce18E7h1SplXb1AQp4Rm7O4ct3oR3r2cXmRfSLshN0C3vzE6RO3hAwz2WooD9123Z7jenF0EnBejZTssPBNkqMCkfw9t0fq4QSJg4q8ML1iruhPy4yOU4Cs9MXj2DLXO-p9uYKHuFUGF8AKgdqrNAd-vuRcMf2Dd99oUeCscpwJB_eOnBP78ZthS8b-5XfZkMLrZ6ify4LG_nbQriy3dL4sauJNABwEaZWY9Cz8IIiM_CwX7tdDwivW9o3ydUmaTPeiGe92ZOFldfZiTJb9KMfNmTwtibOQkdqKtNWDdX21X0PGodkVrGAL6jq9uT3kMaDXwvEMur5Q5Wfp1uvb2c8ALMbZ2pDWN3Sd&sai=AMfl-YS4y042PmAJ8ZdSMkfkoTW7r_tomHpTTcEdWrqZ5Ak9d8dzLay-lLlFUgpFQCYSKcwIJmQ_77AaIRAU2mlRPqnfwytf4_IA9Arn_4glpWpRG6GMrdjV&sig=Cg0ArKJSzDad5pmlS1DBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Dec 2023 19:52:08 GMT
4667
ssrv.bidsxchange.com/ Frame E85D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.50-New&adk=970148494&adf...
  • https://ssrv.bidsxchange.com/4667
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssrv.bidsxchange.com/4667
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4d8896752f7ef79d68927c25ad9e7d72dbdd33762a14fc742040b15a163e57ab

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 04 Dec 2023 19:52:08 GMT
etag
W/"b565b269511e181b6eadabf870cd3c7f"
last-modified
Thu, 05 Oct 2023 08:52:07 GMT
server
CDN77-Turbo
vary
Accept-Encoding Accept-Encoding
x-77-age
8985
x-77-cache
HIT
x-77-nzt
A5ySIYg3Nzeh1GY4mTc3N/8ZIwAAz9PUZhuYGgA
x-77-nzt-ray
f6587a1d9f2944c5e82d6e65ad5a303b
x-77-pop
frankfurtDE
x-accel-date
1701710543
x-accel-expires
@1702747343
x-amz-request-id
tx00000c9ac6701048ea8a4-00656e0acf-5134785-nyc
x-cache-lb
MISS
x-rgw-object-type
Normal

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:08 GMT
location
https://ssrv.bidsxchange.com/4667
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F2C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9685966f38baada04e114a6b90a06bc0ca71eeaff4e42a694f657bb9b3aec140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12120
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D62 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7ixEveA5AuAX63JCtZdD8GcHpGucbsflhAD32OSlBs9BXu1Wv3VFjWETMN-rO9n0k5HQInu5MAjOQ8W4vw9af5KwgniGhl7O6MLs7EDQxxJA2ecgJ&sig=Cg0ArKJSzM_C-ftaWc9GEAE&id=lidar2&mcvt=1000&p=950,1033,1200,1333&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701719524179&rpt=2814&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5B21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XQlInqGeomRNV-vyMoVNsqgEaaXP8kUEb4xWloaJp-kZqkxz9EabC-2Ob2RcCktKtlScq55juuKdeqoDQw8Qv7P2wIC2HqhUarN7EGPhzSx7a9HnH2Evm9f7CNOTMTPrdIQBkq0ok7PAT8OaGMFd01IQspJmZyb-EqoSNoEqUr9hEEDWsZ9bg-5n3o9OQHNlL_jAiCZsNWXEWQtNhO9Y6NOmx1Vu0cucZXGs_EZ8gA6FwVNC0RWcueiZhKo&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW4t4wANd6gKd-zSAA0mujJ2ospZq1g6qQmedg&u=%7CqEjFNjstp0EJJERqIdinxfY6LT2jflgpJBZxINi%2BKy8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZIceLgHilU_0191f8nlIUbwZIuJUI5r3gZFpBn3bSZJlYor-qGBnFljCpN1gzlPZbCFbTbeemMCIiX-Qru2lIk1xgGhIIsN8teCRKfHZH0uvv3TeEEeRl-o1rsITeGuWtysYlcUYtZJ2uhxPIOHneGoNIG0D9-bhPzG_b4iUQHBNbjoqgBY9zbWfDg7YfOkzyG45PmnUd7oIuRumgQelmCWQz_jtwChtQw3xKPY7JponVKpUkgjeFREK2hQCXTXWx0CwS_QP3zqsNA9nGWRoEitUtagC0ELlmpi_JOMu9Uz6twJM1W7LS0-5-KeOrqVx0lBWr7oL7nfqUv7fIzhJJWCPKbCJDDgrUXqk62a-c5Z4ZpCPHa1xbV-cF7mL8fRoFOzuOHL43H8XKGZnZhiQftqx7DbyOOTQEyIsVvxR908BsHxgxBMuWXutTan_24yiq-ZYiuvgzTMfqSKv2hWzRGOqlPBd8oRo2P4yVdsndgBPATYI-icuT8QcbmnStAE7sul4aLGu-SZSREA6L6ARmt-OeY5fmFWNf0XyldyEtby&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtdSL4y1uZajvNdLZ3wO6zbSID8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCakCRMu0ce87sj7gAgCoAwHIAwKqBLYCT9AT1ew211Jk_TVwpmcEDXL9O_FQuOadC5T_3t22JmpRoId4fbJlIco1N0jpO2uaxvcwdWieRGBu79v--CO7inP4houbgVBPOtjCSV2n8vGMiZrJfJtbf4TF6-LGnLblVrR6XVzZSpKOW7qz7VLpL4ADrlp-rKhbRxESJ9qtY7JaCOSpBtv3F9X3hyhutDseHyThV0MWnDjsx2NB2v2fGbWl9BTvwFxUB0QA1_wpVeiP-pcSllt9zE4-ADfSeJvE4Zgi8Yx0KEqG_6y_XLqu9Ie01ecUQpWksR5pshllHKAscq9sfq2rGmu2j2wPAo4J4_GGWuzCPY_9AvQ1qyl6UPppedNQt_X4nywrLOIegq9ksbDcHwP11jMKaLI9vpy4mO0PKkFZNPFduybUaQAzsOpXeYiWAOAEAYAG5tfewOGjvaOtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAcBABMgLrAjoCgEBIvf3BOliu4Oadx_aCA_oLAggBgAwB4g0TCOWZ553H9oIDFdLsdwoduiYN8dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Fm8YhWcOlHEvnRqa0o38rYupblQ%26client%3Dca-pub-6167238712729032%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A3A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=2431512832835613&bg=!MzClMH_NAAY3kmNgF5I7ADQBe5WfOA6hU7VNjZYusHzVziAxH3F3UXBFrEznvswp6PSF_HsgFHz7_KztWBhnTfUojf6uAgAAAMhSAAAAA2gBBwoAVXcVmmffFGZ0RV6PkgA8oK7K6cBdcGCNOg1GkvpruJmGdWQe6BPc1bnVqRmu8jFxMPfQM440e3ovvHHSWvfEbrkH1fg5yW_Eq9i7vD8vfH2H5Yif5hKZAs5aR_uY4gf7ppv1iFlofzSA4OLXpRUczvCL43OKxGt15kYedazrmBpS0aCBLDWdvKAlsMBcklPPvPLZrq0_aZZgia-Hi21ESrd9fbJW0MVGLEU78KR1D7JxMBXYsAwkxfIbprYmGpp626_iCSyohLmQZCCIESJzwp8woLtKKAHIQteDBNl_yqLr6UAfuH_yWAQOF1L57yvKWnvND0St5faPvwyXb_Q-zPbQB4dl5n1lM4nSauTcIQJ7ZewwLkluzF3k7QYaxyVaIrwcoQschWIRVj_WhOlsFo-kE7_gZK7zYmDj0sAsq9wpe5TOBRKyOHZ6I-kQEll0t-9z8nb0wikRlV7EfStOBuTmLKNkEvOpX1xVzEmaVcXvUyBfukZhIwiYeDxBzC5KLWjaU9GZ_I--DxKuaKeUj7Ly1y1JpiJgdyArbFAkH7Us6KOjdOPWmEOC1fXyVM20ykXAIQxZc-6jhWyWkRjneYczx2vW6fbj2NblRiJxkOy3ujxRIu93VkxceAuHwsK143SuXnbuh2tZAY_YaJW3StI_D4QATStw7lkB5CpMFIHCAmkPqn2ZF5sD5zWBHTshe4Ae3PA6Fu_3d8ko6vtcJpfZCyJxbVGCQBHnoK7-Gkne9QYMlaaMcFlWbbt8kKGVYHHQ5hNQpbeZUZ6COuSco_jgWpwK5eSUCK1UjEO8bXR4eY3YQs-YksId2l901HLMBp_wCjqpFSNfsTREKOU7dnaYtBPB6ioXNPtfm0iu1az_f--kctBLOldnXcdTxFoJ_MRP1gw6fIQsJtht4HsuD5i0J33MWnKxVt7zb9daNHBDY_0ZEWK1PulOfDc1boXxgdlONxvhXqG8ykdGHaDyGuQPimNqQWphMBJ77QUYzU70p__mzmcdbgAAzKVaiSSUy7KuT0lnq4q8zjiIlNsvdyjolGmOMN-w2DV3FietXHeC5RPh-VSf
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
AGSKWxUn7jjWV1kLrzH-WyIWDIvEJ8WJRSi_c1ulwQ7-qZFI1Q51U13VEr-iM2P9iP3xgQKUnKnGBE9Cr0edNbSq8Fmx66NP7HA3fUqzcFiYLAVmJhGxybR7oYF1JL4DDQOD8WbZVns1yA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUn7jjWV1kLrzH-WyIWDIvEJ8WJRSi_c1ulwQ7-qZFI1Q51U13VEr-iM2P9iP3xgQKUnKnGBE9Cr0edNbSq8Fmx66NP7HA3fUqzcFiYLAVmJhGxybR7oYF1JL4DDQOD8WbZVns1yA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8fFjtB_Qcnbn3uazqpW24g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-8fFjtB_Qcnbn3uazqpW24g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F2C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DFCC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=1525624108523641&bg=!zc6lzoHNAAY3kmNgF5I7ADQBe5WfOF7z-xKfjunnDanzDD7xjouQJTggY5lu0ykTsKlf4BRi46d0xMlTpoqxlpWECQR_AgAAAGZSAAAABWgBB5kDAdh6p_K03T2V-PqmCcrZ7Am8NjCqNYH1_QObZL2EcDx_iJShxWVASL0wP7NWiA10T6Ex7-DFEzQJn1uCap5coTSBWg3kjm5er9odNemR9TegUoRoz5SJMWu9f5mk8nbG5F44bD0E39Z1BQCGO-C4pXh9SHtay5OYNyGKTDIJXUEYL0JQxgYEoCREwT9obsl_dVqKrTsljietbLzChm3Zx4TvdGOawhkjAJDKmZwuXH0XZHzOYKjkOFjmobTvkrRWUdGSJHl8KAu-nQd5gfrjfiHn55IkDVGdB2Wr7p7jDj3B1_Z54JrdhVbKlkwrdpPczLRXbm9F8rfOyFMqUsJh0LmEjKDXSGcOrvXlRSpWyYrlOq7ikS_9IP7zYluQ0edGMD982eCQ08i0sWXQjrdTASXJIh2OYnRI2xKSR1ItiQ_G4OVESNAkxcrIbj_lxa9PVhCeP-xnDlFJ0T8s0bcY7tzGWw6nJIiqpCJ8z7cl2mTo59FVzp7AIap2xDpJVvXYmayY7ZWxdq3FiV-oKg8dznm5PbF6vagb4EXXiqOWZEu3vdfNkO1qUfh-9DFC8aWcEbUKXJhOGHdsFjsjYWOj0tBJIBscKhqXQM4lGIBRuynn1idwtgZvia6oYq8jI7_Zjiijq6Z_Hbv3e_efcDW5K303KfRnuMxfmG02hLZ1El2g3WLlS6qH4NP6ynV0A1LQacyRXZJpTYU9a9s6_tVBXtoZ5EanCe06ea0nyiqnXC8qFwO19RN2haK7dwZc55BVGb-cV8WSK_vxb1pWqYhWj2ozjPfFXqc7aWxRez3qtgJ9O3Uya_YuzmjUHRHLlO3u1VLEHvbVVWr-rLWsYzxY2u-N7MK3YAGDsce_NYDdMMiF-tAqKshvgN34JSb_J8aerM_443CEQsiHuRAFrLh_QBJ95zPqGR9rohjGbf9cFEs3g8hip2nmXyMQ8P-H2-EF2bg8BFsC1kVs6TtBK-vury7E8pM3HeHbqrVQLQSABIeePWCKgB0IWXRj7ADbG0y5sBI
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
0caf21412aa26c51d5c9204bab541c31332cf7e965272596761abaf58b9901a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/ 		319 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
78042eef17344194d24a4b40dbd51bd066b548ac4bf7efbbe4f6847f712a4e7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 04 Dec 2023 19:52:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9115 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0535646c2bdee0fb8dbf224bdad07da0c54c02cb6f695cd46f6295580b82784f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PMdUKxVCFcmu__TI0Zmgog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PMdUKxVCFcmu__TI0Zmgog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:08 GMT
expires
Mon, 04 Dec 2023 19:52:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 50E1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9115 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=4379201949802626&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 50E1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nMAQ9Q
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B12A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ssrv.bidsxchange.com
URL: https://ssrv.bidsxchange.com/4667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f43a7bc5d06852f4ec45a0adb0c55384fcf077a5b10f4a2c6403222270f9d475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10272
x-xss-protection
0
server
cafe
etag
1980174698301405262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:09 GMT
/
ssrv-pixel.bidsxchange.com/ Frame E85D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssrv-pixel.bidsxchange.com/
Requested by
Host: ssrv.bidsxchange.com
URL: https://ssrv.bidsxchange.com/4667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.66.55.247 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-55-247.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ssrv.bidsxchange.com
date
Mon, 04 Dec 2023 19:52:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin, Origin, Accept, X-Data, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
600
access-control-allow-methods
GET,OPTIONS,POST
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=4379201949802626&bg=!MjGlMX7NAAY3kmNgF5I7ADQBe5WfOOfzhen1hDyeHvhWQrU4QFNtJk0NNSC0N6uBO9U5JChdVjjljhRx6HRhQ4z7RiFdAgAAAGBSAAAABGgBB5kDTqKKnlwoF0IaAOLZC5Ksiqzt602gegNsR2kRgWzKs9cqfSx93YlYg-JUgV1vDWFGP6JliSKfepmzr9_yKcoXxcazz7wIgnOKc2iT8kxmaDlzbj527-9ILhYOPWzQXLmFGaCXPICIWqhxsUk9pSMA2_EbShQ_R6b6VPZETALORCk1vGEIDu5GBJEEgJt7f9neeIXAoVz30Ov5_bLG7RXWnZOIOSX474NEBYBfwYS-S6lIXYUnDSjOzvR5uUfajfy7btE4RBIj8Zn9YVCDALlXG8QDQYRv5wrt_GzzLZcagMGp0HzuzeBEqc8CSLx0pXOEOQC4kjkP5XH62Ref4fiJLQB1sXS_N48YTXfSW5REbA8mHVqt6F9QGImC69Q28D92NmC6MTY83SEMuuF5FCwQHvREP4B9GyCO2_MOBwB5HLVQFgt4X-yJ7gqLmdKfWaVxOLAdjMHpHdK-_wuHtUNgB1jwsXASBNyrB1O6ungRzYPdXFH-AHENrbAR_Wu3dKzkunbToEwcdcUxhfnfdGxOEpvuwe-fSKhKU5OFLGdM7ypBgzPnSiov2uf2FimPKOL9FrWjKzarN1GLuW7rZNHBXtAxsPHcL9hIvEhe4MiB5ULT4MatLHkApZP1tIXR9962IaBmspcG6yS0pHdzAhwKsf2kvIZJYFd_9CD00nAJzG8zItFBKAEB8n8TLIy5gXtCvELXkfG4jcSt6d3EVEGs6FCEXQu41XFBcPzCWnZ_UW84TIJTYAxm5Jx8Cn5knwQPcFgNtbNv191I_t6OoY7kbVIXQSDvgFE72zqHnUy3GkkIIo4ZK9hUaiWVWCbYnz808FD9R_vyDaomQKj-nLEUqWmzONGqfPbxYr18gsjeCGtYJy46cFaANCRdqh1h8aXCTg9NbAJxe0OI7koF_GGj-fauBHQB7zo92jJcsjnW8BWKwbP7qH3WPUJedPczTNRWQGSMyKF0JuR0JNClCcpjCJwKI-_L5o_ab6RTdvETYBgui3-VhQvUl92XTjxGOEOJibfEb6x49wPAv66rF2yXHwfcuih7RntqOKrFmST_OBH1ZI1QL6WWK8ZN8p-EARUAD4F7ftr6bWRuGp6m7bblqdhnTYgQNhYmLs-eQXASqw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B12A 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed4503cac3a473043ce40cdaa59190ac355ed5218ee80941b443ba1ff48c26b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51634
x-xss-protection
0
server
cafe
etag
885701805622227053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ Frame B12A 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com&bust=31079889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64c3b89541ca33d2eeeadf0a7b2730e85f6517758bb478d381186c4d58e945c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137520
x-xss-protection
0
server
cafe
etag
3592609380028257968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:09 GMT
tgframe.html
cdn.taboola.com/webpush/ Frame 3B2B 		530 B
603 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/tgframe.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

abp
55
accept-ranges
bytes
access-control-allow-origin
*
age
57
cache-control
private,max-age=14400
content-encoding
gzip
content-length
290
content-type
text/html
date
Mon, 04 Dec 2023 19:52:09 GMT
etag
"279913f0b9685fbf713832b8a94e8140"
last-modified
Tue, 25 May 2021 10:44:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
Hy07k+4/BeI9QQdhTCdN3BSbJb5k2vxZL8qmLsejqIW6/vBsrt+kiKcSebuWTOFMSntM6dwnhv0=
x-amz-replication-status
COMPLETED
x-amz-request-id
AXQFH466HMKV07BK
x-amz-version-id
eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1701719530.666050,VS0,VE0
nr-rum-1.246.1.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding
br
via
1.1 varnish
date
Mon, 04 Dec 2023 19:52:09 GMT
strict-transport-security
max-age=300
x-amz-request-id
DFZWV2Z0W8SVTMQ4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
Y1o02ngYS9GSyYMTnZfNaLkZYF2Ng5U3OSMDbFJSoDOKwl98j5i58Sjtuv4hjeJbfl3Ks/nLW3I=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Tue, 31 Oct 2023 15:33:55 GMT
server
AmazonS3
x-timer
S1701719530.949483,VS0,VE2
etag
"04fdba12d14ecd22e6ac743bca4e0072"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
1
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
faada89279d102f61abef5ae84646143acf3d16af0f5ebed0cde41f7fa884e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12277
x-xss-protection
0
4666
ssrv.bidsxchange.com/ Frame 689B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.30&adk=1655443947&adf=38...
  • https://ssrv.bidsxchange.com/4666
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssrv.bidsxchange.com/4666
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com&bust=31079889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b7dd5104a683a930f8315f563366fd3e6c2b30ecf306060c65ef037bf1f5ea59

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 04 Dec 2023 19:52:10 GMT
etag
W/"f37d795644bc61a948ad638a1efb8add"
last-modified
Thu, 02 Nov 2023 11:20:03 GMT
server
CDN77-Turbo
vary
Accept-Encoding Accept-Encoding
x-77-age
267522
x-77-cache
HIT
x-77-nzt
A5ySIYg3NzehJRPCKDc3N/8CFQQAz9PUZkxrcAA
x-77-nzt-ray
f6587a1d9f2944c5ea2d6e65c78a2718
x-77-pop
frankfurtDE
x-accel-date
1701452008
x-accel-expires
@1702488808
x-amz-request-id
tx000009c76585b496ec8fb-00656a18e7-51126b0-nyc
x-cache-lb
MISS
x-rgw-object-type
Normal

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:10 GMT
location
https://ssrv.bidsxchange.com/4666
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B12A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com&bust=31079889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2450a08d1b70422fa6848f0d7387de99fb94ce532ec24d1748aad557a2860a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12463
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B12A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com&bust=31079889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 998A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B84E 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71f87e540c02404c99e640a13e6b134d26a295c32012e9b8713789c79cbb47a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_mml83IDA_x4qdcTL077PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_mml83IDA_x4qdcTL077PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:09 GMT
expires
Mon, 04 Dec 2023 19:52:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A1BF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5556 		829 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08a3781865729657f2de158d43263b646264b0da2a1d045a43a34a0eb8ebade7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z-2gAetDFcwNaXdEMtmWtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-z-2gAetDFcwNaXdEMtmWtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:09 GMT
expires
Mon, 04 Dec 2023 19:52:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8f062114d3
bam.nr-data.net/1/ 		40 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=16420&ck=0&s=0&ref=https://www.sanook.com/&be=5126&fe=10942&dc=3034&perf=%7B%22timing%22:%7B%22of%22:1701719513579,%22n%22:0,%22f%22:848,%22dn%22:4447,%22dne%22:4447,%22c%22:4447,%22s%22:4670,%22ce%22:4891,%22rq%22:4892,%22rp%22:5126,%22rpe%22:7667,%22di%22:7787,%22ds%22:8154,%22de%22:8160,%22dc%22:16063,%22l%22:16064,%22le%22:16068%7D,%22navigation%22:%7B%7D%7D&fp=7555&fcp=7555
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Dec 2023 19:52:10 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-etou8220034-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame B84E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=2833584388591494&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5556 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3092324058984945&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 998A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A1BF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
smart.js
ced.sascdn.com/tag/4038/ Frame 7AC5 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/4038/smart.js
Requested by
Host: ssrv.bidsxchange.com
URL: https://ssrv.bidsxchange.com/4666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22159bc74ebb15baa90cab684fa968d25746f422d904182674614a411c5d425d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
36490
Expires
Mon, 04 Dec 2023 21:52:10 GMT
/
ssrv-pixel.bidsxchange.com/ Frame 689B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssrv-pixel.bidsxchange.com/
Requested by
Host: ssrv.bidsxchange.com
URL: https://ssrv.bidsxchange.com/4666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.66.55.247 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-55-247.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ssrv.bidsxchange.com
date
Mon, 04 Dec 2023 19:52:10 GMT
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin, Origin, Accept, X-Data, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
600
access-control-allow-methods
GET,OPTIONS,POST
generate_204
tpc.googlesyndication.com/ Frame 998A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A-1Qng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame A1BF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?d0qeKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ac
prg8.smartadserver.com/ Frame 7AC5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/ac?nwid=4038&siteid=549192&pgid=1831173&fmtid=102367&async=1&visit=m&tmstp=7586236978&tag={{SAS-1831173}}&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.sanook.com&noadcbk=sas.noad&schain=1.0,1!streamlyn.com,bsrvptr10010,1,publisher,sanook.com&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/4038/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d203c6cbaf3576433a7557816995ce325217a4a46e8ba96a93a89616e27c1d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:10 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
x-smrt-i
11704153
cache-control
no-cache,no-store
sodar
pagead2.googlesyndication.com/pagead/ Frame B12A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3092324058984945&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfOILn_yzcYaTzZC-PE7dvSMk77OeNqtSPmFhWiVKmM75fOzEbtobOMgBW9BreOxUuAgAAAVlSAAAABWgBB5kDhAtxUDDcSOsPwTElZzIKchDcQQ5SH78TLzBRiEGgl5gmPo5xRSLcWP2PKzq8KjbE5L4QaaIHK_WZ0aIUyuoQNBR6R7eEJNCKdk2wQ60axjVHTY786K6DMCib6tWgTpv313HbPcpn2XkBXKGCI6NM0C9x_KgqSfmEov4rfmrklwJj3Sk4xLINxFAQ6ZH4CqppBYH3tJU_5VquR5b9mIYwGTMbX87rB9Tc1GKajmliS4_qQkjTsVbs-OHGGKhLgLVdmFKVSjL7q3F11S5S2U6wjNaLIaPAwBEg0ifzQyqcFiag58PcuHZPMRTi3c2lF9VBFjnZwQSo0X-M0ztiL9SGzZCDZrpeGoRXQJRbHGWvGi9wvZxxON59YxS4PVlPxqQ3YCPp9w7KUZsVYrmyBnPWWyT5WSTBb8sbsjzZmKntatgdpH0gghrpoFyZzrpjG5qho5poPmv2HyKGACKJLeQFI-R4vRs5Qat_D7q4hIpaV1I7z5sDaUEujh7hsTS_LMYEL96hrs0gKH86XwxSbOtBLaInP_B2if2eBfQSvlvVFlHmY3NIuTE-oq8ElxHuggw-aJxzTw45W4uwInQEbdOP61U5j7FMjA8sEgBjfKfZ3drF0W4tDIimepZrgtxJQBhZYHTeGX2SCLiNVUtQldl1A35ciACFlok_RZPPerpwVCoGCqdiuSsbJs6uUhQZJnhZpzPZv9z8bgZS75jhLFKUdTvOLOMMKrn65A_fF6POcr4U_V8ZCkZNoFZPSXbT60kePVNK2K35sNU99bBDHmC-8NIw1e5-POqEVPCh-ynoLB4XUUgHa1TloRqdA69jCVVx7sPrOjoXxZPocPzKLoGSA9tlg9QfzwtzmQzqs9oVnMxA2VSOJZ10lN-nPFZlQ3pN_2W6UhXNvSbIWL3mX_rg-fY0gNL0IKP-RHrZB6UMyDBalEF0tKMwFVm1ql7gGaa8SE1eKcoO7t5NQ7nNcCzjeX_lLBAJEls0UpMV4I5WxYH_NvXOnawn1WrjwovF7Ad582jRaSsyodP2B8j8_08qGlCdv8pbAJRe-jcM-VrYTPyPgA1ueLw5pGjqBLIltZ6CS4PXS5NOYI1nhbys_mHQbZFR4RTMlO39LMTxhm-bFeNe7-IOguclwbpZ_f0mSbC2XsweGefBsl4FQmedeUqM9d3vxcX-ndtUp1In91gQPz3_x7OydA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=2833584388591494&bg=!gYKlgs3NAAY3kmNgF5I7ADQBe5WfONCB2LO5A5eg77wq96F-z6iNTYJIPhc7Eg70pzEhm7xdw0Ft-Fgn6M6er_ygu0mbAgAAAVxSAAAABGgBB5kCvLlNkq12Zr1d8HOg5jJwWU2b8h5mun_OZZQuORj9GbswSeL5-Iro4LImb0Q6MwLtJWwFan0TUJYJvVbrm-yXbNsCXFXR5uCcint-rgkONcziztx2Efde4DX5L9GFb_Lg5Xa_03k3cTGPAnK7DFvVI-bAwXXVCbTSPrNrSKry6Gf5N1SZ2sSRti_JavyqNyN1sLfIe87fhKgQZjULo_lWrOA5gpfgLJomxIwAUfBmSE9Z6qtKKIwHR2H50GpfGahCaV4KgcHQ6FIu_v1Ue12wiUHcOROdIjylrFyoV2QexF1l1rIAdIVfiuWkGVIK238lgaBgfBKOzPawFeqlCT8fqK7yDu1b6UIaskYXYzZVrogsWahKH6Snyvz_ZsptRiHWZn-aYUzVGmSNvlGZYU3crYjexspXP-RWxlKlZBp8dfpr-KdW0dakCtZn4zmFvpp0ermvGJNIVpT_4AlwrISLhfQEo8voQp_kByIRhIASUEO8uZPCN8dv7gVpkRFFlQSQ2Mc-TUea4exz960hLFqnNX-84y2EqiNAuOSlmADu_3ySOTN6D0TZ4c4DKIKCHwViStR4XGmYq9Asnpn9wLEhOAI1kCaPXDqS42siDlAb6-o_59zyF-X7ZpdLg4NE3WPE5Rqok5J_Mkp-mhtjB5ASwb0TcQRu-0RhjG-5PNe6O0uhZN_vumxT-zD24-xn4gl7fOZXGso-ZYx_iXVI6asBQI0pLGbtygacx7FTedaU41enhbb-ozWl-0h3oZIXEbXEJo3YU5AiujQD5fTFeiEd_f6RbYlmPxW3KyeSSj145AB8wyd2o64KclgOg722shH_YEN0b_lbIXT3qQeAO5ZphzPRvh_crruUe0TUavAs3mTPND9WvbpOrTvkt9sWTSUxVvV_CE3bdgFkZZ3Hm2_BEt3qhPHkyna-lbyehgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sas-banner-1.3.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 7AC5 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Requested by
Host: prg8.smartadserver.com
URL: https://prg8.smartadserver.com/ac?nwid=4038&siteid=549192&pgid=1831173&fmtid=102367&async=1&visit=m&tmstp=7586236978&tag={{SAS-1831173}}&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.sanook.com&noadcbk=sas.noad&schain=1.0,1!streamlyn.com,bsrvptr10010,1,publisher,sanook.com&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1a49bf674b1157e5f256fc76d3f30f9ca80d6b7fe112180f8d386386e01b74d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 19:52:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 12:01:33 GMT
Server
AkamaiNetStorage
ETag
"0c3047e8b53610ea1a1137e22766d22e:1693832502.034692"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12679
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1159973258&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=coverpage-redirect&ea=click&el=coverpage-redirect&_u=aADAAEABAAAAACAEK~&jid=&gjid=&cid=991902406.1701719521&tid=UA-8147095-6&_gid=1915569760.1701719522&gtm=45He3bt0n81PNXLXRSv77572129&cd4=0&cd12=1701719531670.w6vcshim&cd43=0&cd44=2&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=933217802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 12:08:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27826
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=857207744&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=coverpage-redirect&ea=click&el=coverpage-redirect&_u=SEAAAAABC~&cid=1739298223.1701719524&tid=SA-8147095-6&cd4=0&cd8=b&z=1235534501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 04 Dec 2023 19:52:11 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=857207744&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=coverpage-redirect&ea=click&el=coverpage-redirect&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1915569760.1701719522&_u=CAAAAEABC~&cid=991902406.1701719521&tid=DC-8147095-6&z=31593478
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.45 Bang Phli, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-45.static.asianet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Dec 2023 19:52:11 GMT
X-Powered-By
ARR/3.0
Content-Length
0
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/392/1963777/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/392/1963777/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
836480c3e4a9aa54acedc28d9539c113cae8e1ea381ebdae1d3f7bc5850da977
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:05:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
11620216431235997512
accept-ranges
bytes
content-length
43867
expires
Wed, 03 Jan 2024 15:05:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F0A2 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f43a7bc5d06852f4ec45a0adb0c55384fcf077a5b10f4a2c6403222270f9d475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10272
x-xss-protection
0
server
cafe
etag
1980174698301405262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:11 GMT
action
www10.smartadserver.com/track/ Frame 7AC5 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www10.smartadserver.com/track/action?sid=1701719531460&pid=1831173&iid=11704153&fmtid=102367&cid=30358029&key=impressionOnRender&ts=1701719531460
Requested by
Host: ssrv.bidsxchange.com
URL: https://ssrv.bidsxchange.com/4666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:11 GMT
transfer-encoding
chunked
content-type
image/gif
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F0A2 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1a955d5e4f9bc19701dcfca5568ad72d96d143a1a25bc55c862dfc2280c0d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52736
x-xss-protection
0
server
cafe
etag
3868784513236510555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:11 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame F0A2 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5c6f306a0a8f22c5ad8542b46dfd032d2ce1abecff03db35eeea72595255a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137669
x-xss-protection
0
server
cafe
etag
9488309410021287949
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:12 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0CC2 		90 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d18a2f2648b26ba7ca0d4a2d639d01172fe4e2d26e416c13ce291a817d3b07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42400
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F0A2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
326769f1c3d0df4bf5f751fd0f2a01ce9e1aaf5c405c26e56c376b9037040159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12324
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F0A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1714061154748628&plah=ssrv.bidsxchange.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 19:52:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EF9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 14:59:11 GMT
expires
Tue, 03 Dec 2024 14:59:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7A0E 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
585738396fae4e344e0b08fd3ce6550234c957fe9abfcc4777e0df26508c304d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H5D1FI8BAcfZs6Klaq8b-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssrv.bidsxchange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-H5D1FI8BAcfZs6Klaq8b-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:12 GMT
expires
Mon, 04 Dec 2023 19:52:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3EF9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1693300633080724&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3EF9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MdUyOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CC2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzsFkllKKM2vDdlfNUAKl9VMvCvgAoev0H8UloAZCpkY6EYNm-zpO0gbk5gV8yWGvmrBHnYdTSJj1Ugeja9dmwP1uKJxhzZmvV5biFI_-uJ0Aye_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F810 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGMi2s_wBMAE&v=APEucNWVRYN5X7dFBflAtytUez2nRSUTIT5CWnnKn4kEU7Nzso0n7gr6uLIkpB0rAMAPgWZKhPYDN_JUbQOOSMmz5UcdPO3rdw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 19:52:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0CC2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
76159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 0CC2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
76159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame 0CC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsva_c-0RUedbZtiMxaiRc6hboR6U8t2BLQQ8yywFhQ8iS6wzjHSdUrHjdz9YM-xF8OheqnUBfVg5ZLNaUl85iVjXwb-31qmVXr-jJYUqMYu-U4dDOimw0P4UuCwnrjqV9cRqAMWx1OlE5x-lWDP4PiO9rOtotQFf9uETcYsxT9BHZiAmCJS4kVMfMCDbFC5HijvreAVxYrynEEDDtjv6sGFfeUSzFPTEiRVGRV1uwOhn2R-y5ca3sxW8G1ICJl6jPAOT871LElVZ5Bcwq0JIbi7K6irmgj0WiM_IRv45mI6bS9v11-WKm7Blzd8nbSUqi6O_4dKsd02fBJfdZdbLevAuOs7LXiFkiy04omxstMOtz6S0RUtDws8sId7nGYn2ECVUZHqhFAoXP5egWdaepozvt4gRsp8YmQMdJ2PHCMAIK7bouxTvXhc8I0KVmxaUFEvmYU_eyyKDR6bJPwo3SSR0sNCbJhTPs5wNXNLXa13o0qsbYtA_B9il3NNdsobt69gGuVNxlgp2pD2fWPeydchdKbZ-4Ok60ww9S1Bh1GT13LpUK9I9s1WtnQpDaQHJVfLyhvyYRzKm2fBB89gTGj-ApKVw4EsdsVBdt3WoGYc9bO9xpyxumJSGU5IuXHjKgfOpa5mzxnBdu4Yf3aFGo7frUW80I3JzwBAOxEoNVFyWACg8lhy8xJFqicK0OrTZb0657MPsBhdvybZPyB10bk1steJ2NYjVj40aPP9ciSCMtUCSfY-z_-HUl3LzK9iidcuYKfrMr-xGZKTtelOshTJp_xVtfyfIEXK7TlZ5mAdFvwWQJ_GPo80GgAlmynHvPqct8uzrZS5_LDNUsFyLzdsthuoMAfWQ3iEoAegmraJrkgQIwKdIRVy_PPgVzV1hjOA4_vsQ2Mjw3EsrVV-VI9XRGeJa1v9p2jAxTCtgmTs7OZ07ejozzsVGMQfxtDKpPW6_Y_v6Fh42IW8EpDYbZLyQyeHA_dJrpbXX7-jV1Q_waquDlztE4dr2dKAcOthkrRPSI65_Nr8CZb9SrdVjgedYnaAN4fM7eKP8_x6rsVzQKI9uBuUCykv2P-hvXkEWx8B0gxtijo0GaHNz0sODUwgAVvtwMZWnasMZ3RwPnIbYX3G8p7Xtngv62G-O4c3iTDQzt6j-gFBhy9cC2rAHWn93cfu5I6QDebOuvf2pRAk1xpeYOGfb1PhswSi9Ih7DDcLl9Vbq6CpvqW8cW8d0isStpwKqZScv-DQY0Jg7qLeUyeYfNpIcWMMGw5vwNQ-ilaePAAuP-Iz-LyQdYgcd0z7byp8vM7F71xJwef_20usXoTOxU5Kuh85KdmbXGklORCUjemFv8WX1Vsy3BInJ9t6CPcWKPtt3rB3S4NAdkp0O-VF4mm6P45pFuBAGvN59lN1_uqJyOQkTP_Jspix97IuR2k4GsqSjm2VvxZn5qQFyR_O4YaCGELIryRk&sai=AMfl-YTU7j7t-tX3Mk_SLZD0u4Q5jYBv4g7h1OrrB7WtuTCSb3E6EXERoMIxUG7xWYiTWZsPq3TGCsCd1Gmlti4cwRNW1r38smkKcOc-D0TAmBDRDpwaqNtu1vQl0M69o31_Iw9Ie-s8bphl-tCLULLN8cjohJrfxMnbvVg8Gfh4MUnxqdZtqqbu8YR3-2llfLh0avFjocl7NIzNUo34ppmbVSmHTZZGXE7mnud0RNe9Wml-m18h7Nv-HWGjEPJG4SR_J15woTeAAyJt0wtxcBcR3K5Y5rmDLgP2X-sB001ubiKI-H3ytMu1c_91Gte0NWQaAfHSoI4yjAL4jQ&sig=Cg0ArKJSzCGC9cP4hLZPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ib290LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231129.40987&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Dec 2023 19:52:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0CC2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
185691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
15383902003269459159
s0.2mdn.net/simgad/ Frame 0CC2 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15383902003269459159
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
457500eab2b1d9efabc49ded3803a9d10abad6d5988455dec55fc55ae1385925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:17:37 GMT
x-content-type-options
nosniff
age
261276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92712
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 14:12:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 19:17:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0CC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
21644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:51:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0CC2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:31:35 GMT
l
www.google.com/ads/measurement/ Frame 0CC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQM4VAfYon4oaliCtB5S0w1U9YfmAFC-pc7b7yycskqjKi_tnpuwzTCHOpLW0rd3JJbqIKL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0CC2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 19:52:13 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0D1B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0CC2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f902cd4244604287f63471af3b481b4dec3846d742a5edb557a9b3ad4b0de3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0D1B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:45:17 GMT
view
ad.doubleclick.net/pcs/ Frame 0CC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsva_c-0RUedbZtiMxaiRc6hboR6U8t2BLQQ8yywFhQ8iS6wzjHSdUrHjdz9YM-xF8OheqnUBfVg5ZLNaUl85iVjXwb-31qmVXr-jJYUqMYu-U4dDOimw0P4UuCwnrjqV9cRqAMWx1OlE5x-lWDP4PiO9rOtotQFf9uETcYsxT9BHZiAmCJS4kVMfMCDbFC5HijvreAVxYrynEEDDtjv6sGFfeUSzFPTEiRVGRV1uwOhn2R-y5ca3sxW8G1ICJl6jPAOT871LElVZ5Bcwq0JIbi7K6irmgj0WiM_IRv45mI6bS9v11-WKm7Blzd8nbSUqi6O_4dKsd02fBJfdZdbLevAuOs7LXiFkiy04omxstMOtz6S0RUtDws8sId7nGYn2ECVUZHqhFAoXP5egWdaepozvt4gRsp8YmQMdJ2PHCMAIK7bouxTvXhc8I0KVmxaUFEvmYU_eyyKDR6bJPwo3SSR0sNCbJhTPs5wNXNLXa13o0qsbYtA_B9il3NNdsobt69gGuVNxlgp2pD2fWPeydchdKbZ-4Ok60ww9S1Bh1GT13LpUK9I9s1WtnQpDaQHJVfLyhvyYRzKm2fBB89gTGj-ApKVw4EsdsVBdt3WoGYc9bO9xpyxumJSGU5IuXHjKgfOpa5mzxnBdu4Yf3aFGo7frUW80I3JzwBAOxEoNVFyWACg8lhy8xJFqicK0OrTZb0657MPsBhdvybZPyB10bk1steJ2NYjVj40aPP9ciSCMtUCSfY-z_-HUl3LzK9iidcuYKfrMr-xGZKTtelOshTJp_xVtfyfIEXK7TlZ5mAdFvwWQJ_GPo80GgAlmynHvPqct8uzrZS5_LDNUsFyLzdsthuoMAfWQ3iEoAegmraJrkgQIwKdIRVy_PPgVzV1hjOA4_vsQ2Mjw3EsrVV-VI9XRGeJa1v9p2jAxTCtgmTs7OZ07ejozzsVGMQfxtDKpPW6_Y_v6Fh42IW8EpDYbZLyQyeHA_dJrpbXX7-jV1Q_waquDlztE4dr2dKAcOthkrRPSI65_Nr8CZb9SrdVjgedYnaAN4fM7eKP8_x6rsVzQKI9uBuUCykv2P-hvXkEWx8B0gxtijo0GaHNz0sODUwgAVvtwMZWnasMZ3RwPnIbYX3G8p7Xtngv62G-O4c3iTDQzt6j-gFBhy9cC2rAHWn93cfu5I6QDebOuvf2pRAk1xpeYOGfb1PhswSi9Ih7DDcLl9Vbq6CpvqW8cW8d0isStpwKqZScv-DQY0Jg7qLeUyeYfNpIcWMMGw5vwNQ-ilaePAAuP-Iz-LyQdYgcd0z7byp8vM7F71xJwef_20usXoTOxU5Kuh85KdmbXGklORCUjemFv8WX1Vsy3BInJ9t6CPcWKPtt3rB3S4NAdkp0O-VF4mm6P45pFuBAGvN59lN1_uqJyOQkTP_Jspix97IuR2k4GsqSjm2VvxZn5qQFyR_O4YaCGELIryRk&sai=AMfl-YTU7j7t-tX3Mk_SLZD0u4Q5jYBv4g7h1OrrB7WtuTCSb3E6EXERoMIxUG7xWYiTWZsPq3TGCsCd1Gmlti4cwRNW1r38smkKcOc-D0TAmBDRDpwaqNtu1vQl0M69o31_Iw9Ie-s8bphl-tCLULLN8cjohJrfxMnbvVg8Gfh4MUnxqdZtqqbu8YR3-2llfLh0avFjocl7NIzNUo34ppmbVSmHTZZGXE7mnud0RNe9Wml-m18h7Nv-HWGjEPJG4SR_J15woTeAAyJt0wtxcBcR3K5Y5rmDLgP2X-sB001ubiKI-H3ytMu1c_91Gte0NWQaAfHSoI4yjAL4jQ&sig=Cg0ArKJSzCGC9cP4hLZPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ib290LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=262&vt=11&dtpt=259&dett=2&cstd=0&cisv=r20231129.40987&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1714061154748628&output=html&h=90&slotname=DSK-ADX-MCM-sanook.com-TH-Direct-RSwPB-STDB-728x90-0.10&adk=1472160761&adf=1143789953&pi=t.ma~as.DSK-ADX-MCM-sanook._&w=728&url=sanook.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701719531868&bpp=140&bdt=114&idt=358&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&correlator=527318550640&frm=8&ife=5&pv=1&ga_vid=2022959711.1701719532&ga_sid=1701719532&ga_hid=1123321082&ga_fc=0&nhd=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=670769789&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1693300633080724&tmod=1555302604&uas=0&nvt=1&loc=https%3A%2F%2Fssrv.bidsxchange.com%2F4666&top=https%3A%2F%2Fwww.sanook.com&etu=AA-V4qOzUrXuJm06Qkvpcpim9BH7oxtGYqN81gUsc7e3fOcyHYeqVGTI_y0OAxXXe0xJBwYpbrVGfkfI&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9hy7bxdd2vtv&fsb=1&dtd=603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:52:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F0A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1693300633080724&bg=!DA-lD0DNAAY3kmNgF5I7ADQBe5WfOAofo2gTB3vKSgZNktoQ4cRpCnnewhN8IeHVEeyuKcLINJx1rnaytlLcbMjwhhRoAgAAAF9SAAAABWgBB5kD4zeFe55XB7bgJxHEo9xaBs5g7uG0HyLncBxq_l2L4mMfN11Qq7yxJpKxkX95BvURPKmTZEIppRYhLdsaWV35QlTVh9ryw1NWd4R2WIb5kqesGqzzRrCo_N98-T8AOwjti4BlDb0pg4l3jdJJG0aggPT0VqWZqFqiSKNfkF4tP1EHR8OCuXR0cDrFlYmKskEyIK6y4WlKzR_k8r6MUnt50w4OXhgIZKKelHAV0g2k84Z-tixqq5J74ITjU_9s4Xkm7b41Asv3MRTBXQIrUNYuyDN7O2z8QMncsHtxXo419PPJp_TwHrvnIthft3fdQn2lMPLe3BXi650E3nbDiCth4Yd2OVubsbh9KbDYgg5Yf2bpc4qN-O_n9b0sQkNkSnh9MZJyywHraSf8PVOu-JyfLLUHwQSEOf8rgsgI8xxnO_bcDF1m1gTFoWLWWUhLU4GSMGUJf7nT894bk6Ak9bSHM0GRcBaEATl1ZUPVyxuHQOGK1Lq41d9kRYNSwVDr3AdfAlx0yTBd8i7dhA4wfSuh_HH-LyfBhuRaRB3dKB4pu9_1Jx3IDLAfSWjE_OYKnUANWaN9Kz2hAuh7bR7yzzLPYn--vr8nlzBE9JQDBydz7-sKln1-fDzYIJqFm19fhBKzGUfnrpTSaqg6EmMa9kGIUohXeHwn3gBP9a37wqStoEKqnjWowe7IJ0ItKMwIgNGxegm3ZV3U8Ged6qoYgtPErYYmrE1fxpz7DxBT207mbhmgWnnNdGet_vYKsoqEbcpv8rB1CS8BSHbr75fRDdhLRJBIydz41f2f1NxeaxL_JU_uPHpp_OE0noksVlvQA8I0VZoRJsmyLEj3pLVrebe2zeiHTn-9AKCIsbTKaJmjWKlnCYjrzvgjf3kUw7l5UtOSTk5IctTcx3J-wL0nmorTfnUajyo7ZyGRM9FSg8QcFVaDqN4ZNvTa8BgMhiOHWiEr6fqSjt8138Hys6ZGnVEwwqLLgJLgMQTgJJazYkXYQe0XzQg5l_LLvnAiDKA1yTGcheeSMzeYkZWKmtELG-4oQqCnY8il1cHf7rZVOhuV7n2Wo-d5X-9_JJZ3wNSNZtDcuj4x12r0fCOOKA0HYDYu5cURzvtaLqP5KXGcpBgCePoZauXuGVlmZ31ZxF1pacqRh2ThEKYLNpqhbzKl3J3Cr9LCPJ9zNGEj6ng3HtDonYfPvUr0O-D5RIsCEJfVZjwKLhSqYzUby3k4eCeL05dC9A3Wgy8yGpGhzwg3SaQvdhor4qCQBbFqkiVTfM9cY3li5A5lc_An3q1viEzMdZwb9w1WzbEw3rALll0wS0-EwkankyoF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssrv.bidsxchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D1B 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsEPq7C1uZdL3J4Gnid4P7KKI-AgAAAAAOAHgBAI&bg=!w8ClwI_NAAY3kmNgF5I7ADQBe5WfOP3MNnv4qUvf5_qcoF50H0fHinvXUjcsMWkVaU-d5QDnTPtrVKpDYqH9PuI9o3GbAgAAAIRSAAAAB2gBB5kED3DE3XLoi5Kv9dBZodvFzl8SRkY_fXJ_B_xXL6o2tay-8jHSc36cNKIxgcL7Cdy27feUYcqTiK-qrVm0JubB3zepTdZhktK3OOK8lp2AUTIjxf5YGf2TMpc6nUSfK9_uxlluqDr0xKGWVd3QMQmxILfbQEve6LY7Akq0gEuDcQ2ICOhK1JjtEO_wkDcTBdxG_zSaUnD7726Dnr79vdpsm-mhVM_E2LfnXFpE6Z8J9E-fXiREmK36BeHUx-I5PIv0Lkfh04KUme2yIiMmG_vSMR_6M6XAaaunaVRPGKyhcsfSLQbopkwz451-qRo-oLuCFcECa2tpdEGLdp167JT--klCKXtbjqsDbkZwbvxPKiySa6K7_mUPHNVVjHn8yhK1w5pmGzqShrIXVGIeijZju--cA-20YM1U8I8eVrUJar-RAmiu6YFVd3Gxi_fbqSs3ATUT3z8HMgDW1T70H2Fz975QQOX03mUmhK2x-IPwgHcVZFHh1hK8hSr_H_MZyvoyX1UayvhauGAboNkLh5UQJoUeEElj2JdPurYgQFsWfUYepaTjPxxj7tRVcVyGqUAevgk4eY4ysogsO0xA1tIZpQlfC0t7zZcwjkXPIVz9Ha59eOHsOnW-tlbf_DLyXu68Rz_Cxf4KDilVu86w2yaQyfSJ4S23UEhqV_uu9wmjED9LvxVqG8-Oysr52gRhjwgytqdGLm4RC76ZTTAWnwurc_VjCKZGMcptpN0YuymcFkHpzq---HuQg3lmxPVg1Uk2dLbO4Oh7L7NTdslOgSdkvi9vAEHvR2jyefmNuf6obQ_EvGdQJjEf72QvrqgKxW1CECC824VkMqAmgvNwYndeJfi2YwjFIcat-x_ejCceb1VANuiecwpPnpb1mRttIncpkuGQDSuykONxgZF9D6Zv3vgGET-2RXXF2iEk6L_hAfL8PO72sFzMX5CuIaKJCCIwGLHtMz_usm6vioHh51sDK1KdzDNQm4L7pdBFBV9xHkuBK_OqB6wkCsfHN7f_L247R1n1lS1wXZW1OsTri-X4UMqdNQ80z9K3kBqpWz3mFxEg8GaGittEVML-jEF5B6ynNLQV116R4GIRyfUoqSyrqM-p0xTh__jMMKujfuS7TbqZZYjCJn22b_dquH-g_tjALUlVQD9iaHxOTbYXVkraSzLKuVziNwdZzM55-R906Axd5-FIssA8bIHd72pZxivZ_LGOEMBsFZhkIZj3grChmtImV--li5N7syLPRD0i9jdmjo0OKgr6WM1hJ-yd5iJ4I5PqoH1Us3s23VTrHg7YS8FbfCsuCZTblYsIArRhODDjisB9zbobYzxOatHJENaPLZZOH10XA2qK8Fp_OmuhIJSxm-N0n_8XjN5qQANeZfk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 19:52:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

869 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq function| Hood object| __tblPushGlobals object| _taboola object| _taboola_notifications function| showTBLPushPrompt object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_144 object| Criteo object| Criteo_144 object| PWT object| googletag object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _comscore object| NREUM object| webpackChunk:NRBA-1.246.1.PROD object| newrelic object| ad boolean| adblockTracker string| GoogleAnalyticsObject function| ga string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| COMSCORE object| ns_p function| onYouTubeIframeAPIReady object| gaGlobal function| NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| __consolidated_events_handlers__ object| __BUILD_MANIFEST object| __SSG_MANIFEST string| DataCollectionObject function| datCol object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName string| key object| gaplugins object| gaData function| _UA-8147095-6_sendHitTask object| innityDataLayer object| ggeac object| google_js_reporting_queue object| msgData undefined| google_measure_js_timing object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id object| Criteo_identitytag_144 string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal string| Ct string| At string| cd35 string| cd36 object| ox_esp object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult string| timezonename number| newunitcallback number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block number| prebidurlbind object| adUnitsregular object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| geoedgeinterval string| url1 string| country function| adloox_pubint_timeout string| toisiteurl number| windowwidth1 number| geoedgeinterval2 number| localandbeyond number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval2 object| isMobile1 string| osdevice number| randomvaldatatest string| url22 string| urlmob1 number| globalcount number| sanooktest1 number| globalinterval function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit object| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid string| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value undefined| label object| adloox_pubint object| ignore number| current_time number| refreshval number| number5 object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha number| iframe1 string| iframeid number| len string| pos123 number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| size640 number| size480 number| size1150 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp21 number| sizehp22 number| sizehp23 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| au boolean| ee27d9f0-8bf4-4b78-a89c-1a17d4b7f76e number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| newflag number| diff number| flagnewone number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergptSkyscraper5 number| activergptSkyscraper5 number| time_refreshunitrgptSkyscraper5 number| nextnumberrgptSkyscraper5 number| passivergptleaderboard6 number| activergptleaderboard6 number| time_refreshunitrgptleaderboard6 number| nextnumberrgptleaderboard6 number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| d string| timezone number| current_hour2 number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

55 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDTFgoJCP____8HEN0W
i6.liadm.com/s Name: _li_ss
Value: CgA
.sanook.com/ Name: _gcl_au
Value: 1.1.717176171.1701719520
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: A8F0157A.1
.sanook.com/ Name: _ctout45879
Value: 1
www.sanook.com/ Name: verify
Value: test
.doubleclick.net/ Name: IDE
Value: AHWqTUmZIXCGNO7iujqRH6EtMIEl3LSOdLoVtSgjpxxh6KRSrmq3ZB0PvZPHaQYp
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: a4cd30c9-1187-486c-a80f-eb6c8ff8f4dc
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sanook.com/ Name: _ga
Value: GA1.2.991902406.1701719521
.sanook.com/ Name: _gid
Value: GA1.2.1915569760.1701719522
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.sanook.com/ Name: _ht_v
Value: 1701719521.1845507083
.sanook.com/ Name: _ht_s
Value: 1701719521.2
.sanook.com/ Name: _fbp
Value: fb.1.1701719521956.459781400
.sanook.com/ Name: cto_bundle
Value: JP6h019GZ2luNHBlbHpUUklvc2ZyZUs0TyUyRjJFdllyVU1ZY2JOZTBNNkdJZ2VZaU5paExCdHVSU3poTHJ0Z3RzaFZSZUdWVWw3VjlSVG9VQ1pERlNrR3B2REoyNnM2SnlVYWdvSkViZnZCcGUzaU1EaGhCU1Njd09LdDlMUGhCJTJGZUllR2x0aXFEMnBZV3N5cDElMkI1UUtQMDJ5WkElM0QlM0Q
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.sanook.com/ Name: _sa
Value: SA1.2.1739298223.1701719524
.rubiconproject.com/ Name: khaos
Value: LPRBV7Z4-K-6VBY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrYkVyDJrrgYQNb0fGVcfL/XWaA1sYWTLHiXIXbtn90wyPxlBGXjPwJQ6V1Ny0w888jft+xAT1+NiYbB5SW5XQ3876gXU9t9lMijy0RC4Zd8Ri5j99IjSR+
.sanook.com/ Name: lotame_domain_check
Value: sanook.com
.sanook.com/ Name: __gads
Value: ID=46e7cf4f5e699ed8:T=1701719523:RT=1701719523:S=ALNI_Mbtm3lrg6Ht8V2hHJ8Y36o6hHzS7A
.sanook.com/ Name: __gpi
Value: UID=00000d035d091fe5:T=1701719523:RT=1701719523:S=ALNI_MYrNrBlWlTBnnrtNXiZwlNNFW_yCA
.openx.net/ Name: i
Value: 5bb1058c-46ef-4868-b3e6-e9e371174684|1701719523
.adnxs.com/ Name: uuid2
Value: 2907859288206725818
.casalemedia.com/ Name: CMID
Value: ZW4t5IQOUnz3InHztUa7WgAA
.casalemedia.com/ Name: CMPS
Value: 1216
.casalemedia.com/ Name: CMPRO
Value: 1216
.innity.com/ Name: iUUID
Value: ac997496aecd2d0ec726587422933dfa
.sanook.com/ Name: iUUID
Value: ac997496aecd2d0ec726587422933dfa
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1701719524346.1701719524346.1701719524346
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 161253165.225.1701719524346
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.simpli.fi/ Name: suid
Value: E9DBE17703284C178397F81EC2CE2B07
.demdex.net/ Name: demdex
Value: 54293743819785051471763060778089874632
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
.mediago.io/ Name: __mguid_
Value: 9d9fcb00c392d8852zakor00lprbv8v0
.liadm.com/ Name: lidid
Value: b6cb1913-2eaf-447e-aebe-3cb6fa44d3c8
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
.dpm.demdex.net/ Name: dpm
Value: 54293743819785051471763060778089874632
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-04T19%3A52%3A06%22%7D
m.exactag.com/ Name: exactag_new_gk
Value: 9f309774ccc44c7b8118bb7aef2e3608%7C02.02.2024%2019%3A52%3A07
m.exactag.com/ Name: exactag_new_uk
Value: 53582d1f25484935b4339c7ff3b5e487%7C
m.exactag.com/ Name: session_session
Value: 2a468cf7bc4645aaa4a0be34
www.sanook.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol99MnGCmDWTJ7DsHHHb6adp4VyGj8RLqArKJFnV__d_HatZs1H9RYAfSNezGkxRfc3DSP-PiMFdIJv7n3F7l4qiqdTy8DwxSI70Qjl78abDlzgdvKNZmyzdvQSyAsVjNfyjUaH6LLk_b4r_6zDQZ3EPuq2qFw%3D%3D%22%5D%5D
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1701719521.1.1.1701719531.50.0.0
.sanook.com/ Name: _ga_17F0RQM2JW
Value: GS1.2.1701719522.1.0.1701719531.51.0.0

5 Console Messages

Source Level URL
Text
network error URL: https://s.isanook.com/sr/0/images/landing/2023/KingBhumiBol/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript error URL: https://www.sanook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.teads.tv
a6945efe5c61893ae96fd714d35e3260.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
api.rlcdn.com
avd.innity.com
avd.innity.net
b658dd82d5a8e28f7ee079cd9d71e1b6.safeframe.googlesyndication.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.taboola.com
bidder.criteo.com
c.amazon-adsystem.com
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
csm.eu.criteo.net
dc.sanook.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f607b4521fa3239412fa7c19d1e1bd2a.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
graph.sanook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
m.exactag.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
prg8.smartadserver.com
region1.analytics.google.com
rtb-eu.andbeyond.media
rtb.fr3.eu.criteo.com
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.isanook.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
sdk.ocmhood.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sloth-api.sanook.com
ssrv-pixel.bidsxchange.com
ssrv.bidsxchange.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
t.ocmhood.com
t.pubmatic.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ut.pubmatic.com
webboard.news.sanook.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
www10.smartadserver.com
api.rlcdn.com
p3.isanook.com
104.18.36.155
104.26.6.228
119.81.192.134
13.32.22.213
142.250.185.98
142.250.186.102
151.101.129.108
151.101.193.44
151.101.66.137
151.101.67.52
157.240.251.35
162.19.138.117
162.19.138.82
162.247.243.29
172.217.18.2
172.64.149.180
178.250.1.6
178.250.1.9
18.238.243.129
18.239.18.33
18.245.60.53
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.82
185.86.139.85
185.89.210.122
193.108.153.18
2001:4860:4802:32::178
2001:4860:4802:34::36
203.151.128.172
203.151.133.19
203.154.58.214
213.202.235.8
217.182.178.224
23.209.239.88
23.43.60.191
23.46.68.61
23.52.120.246
23.52.123.144
2600:1f18:ed:550f:5c53:f7f0:1386:5d9a
2600:9000:236e:8400:2:d490:4d80:93a1
2600:9000:2447:3200:a:e047:753:a221
2602:803:c003:200::31
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:6e4
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:802::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c04::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:780::5f65:36d3
2a02:6ea0:c700::17
2a03:2880:f083:9:face:b00c:0:3
2a06:98c1:3120::3
34.102.146.192
34.107.231.31
34.120.135.53
34.91.62.186
34.95.81.168
35.208.249.213
35.244.159.8
43.152.26.142
43.152.26.58
52.214.165.240
52.223.40.198
52.51.155.112
52.66.55.247
54.216.8.15
54.82.8.121
61.91.93.45
61.91.93.46
61.91.94.165
69.173.144.139
77.245.57.78
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0535646c2bdee0fb8dbf224bdad07da0c54c02cb6f695cd46f6295580b82784f
05a011e4c18cbbd523adb121a683efb10c49aa92856b0a31f93adea68bd8125f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08097c2c1e613cd4b5435630303c93434c5357af43a23228630da634cc010697
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a3781865729657f2de158d43263b646264b0da2a1d045a43a34a0eb8ebade7
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0c9eeaa47634a16e9e7c0ee8f74dbb188d7e4bcfd367666569ac9c22351743bf
0caf21412aa26c51d5c9204bab541c31332cf7e965272596761abaf58b9901a0
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1078fc0700293c883480afa0e37927e47fb670ed44dd1557f7760e2a2b3bf6f3
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
13f8d11d1f26bafa0412af09d06db89861d8a73907791447389d4dc2d5b8c3cc
18b13a0b65233357b08c5ca8f983a58413aab4f131896e3c245146f082c07332
1a49bf674b1157e5f256fc76d3f30f9ca80d6b7fe112180f8d386386e01b74d8
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1ae05b24a517641bb42f8acb28e27bc00e482e46fe4217f0fb85219909eccd4c
1b756182a9188a34ec0cc76770a9384ccb2672d98d4091bc97e7b6072a352b31
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1e9b8b8ba4ef6b1a65e61801988482653fc2c24210ca47725a675399eb05012a
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
217363ba16ee2d4ec1746e88286ee68b9e4f747caf06142a0eaa284f80df0c7e
22159bc74ebb15baa90cab684fa968d25746f422d904182674614a411c5d425d
229761f4b3e4286f03987779a2068fd5f07b44778d9bf7dfe7d8a31b36d8c68d
233b1c7a6f5d9b182a9588c039a58a1787f1d6c8f57772079a63626cdcdb62e2
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19
2906bc34f7e82136ae4c34e0ef9238fffeb7395eec21b1bf94f631714ad89558
2a22f4a574d31e44b39a6e5a77a1e83a32d8e49dce88acf63eaec82359a9dc2e
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2d46bd0a0f0623955233a460eb68ae79bf67f4042d875558a2fc3fb3fb07e316
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efcf16ce3beffb541c3abb00625ea8be7e0fa53ebaa3281f921bd1a87f546af
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326769f1c3d0df4bf5f751fd0f2a01ce9e1aaf5c405c26e56c376b9037040159
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd
33919f4485548e794d87e07115b80c76a42d88d6c7dcae4c17fa3300942a480d
33ff72051866ed5f6fa92f78864d15c8d5243dc09c91b76efcc32fce2eee413c
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
37aa5b018742eebffc82207c29c0b5875a5ec429b2739c1e80d8599142e81bf3
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3a0cfeb3ca8a8574d1b96bb634739f2d33525dea2cfa52a958b685bdb597c594
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd9f009128a2a646a481df4c9a595c1aaa011dde0b36daa64201e13a3902ba4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
41901856e08974ad191be3680302b4f2c0bcd29e8179b8ab3187088deee1c43e
434f5f9118115a1685d49d74e862716c5e7d6cad6aa72f661bdebfa6ec76bbba
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
457500eab2b1d9efabc49ded3803a9d10abad6d5988455dec55fc55ae1385925
4675cef10aa0b55eb18489711464ed024ee312f295371a068453ffe6a77eb5c8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a722d8d6843899e3693305a0008ac92ded8237a956b5bc5b183e829668e02a
4aac1e1978094f35833eee36e824d4efdf0c16a38086db318c4586c41bc79312
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d50ed498aaec653a667bfc73ec4a0a02daecafae2f18007b3765d02507afb49
4d8896752f7ef79d68927c25ad9e7d72dbdd33762a14fc742040b15a163e57ab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f80b6b9492d8591d006c59512737b2bf8509b15deb91a57ee74d8742905554e
514c143c87b367ad452e458535feba837f1c0201b38055ecfc1e772bd32f80e1
52b7c084bbe7cd248dc0be6c9cb5d509dc6c5117343a0a8bcde44b18c607e268
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585738396fae4e344e0b08fd3ce6550234c957fe9abfcc4777e0df26508c304d
58987809fe0fc8b1ab3f236a1e9c03863b7a843cffc1c0b4b7a9b3896e371b17
5a24285a02622a144427e9fa96fcb3d4e4ec79d9ac6b13f1dccd2e0cb01f61af
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5b75177effc84edb03db4e14a68ce59db974e2adfc3df756859156c84b42e729
5b930007292d6deb08e2230ca41426d4897c5347be9e3b444a8cdba9410a0d9e
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a
5dfa82f46c4ae85ec1f5515f5b74b176b6b00343eb768ebbe7777a4cb00d30f9
5e82a9a942df4d55660289375a45036be26234e2fb6e8ab5f20f3b725aae29ba
5ee0967cb609951ce7fced06d5776b6519c4376dcd5f3985e2fde85cc28aaebd
5f15dd9661e999d7365a0243aae5bfbd736d36b11946dc72825793ee60b1ddf8
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
62dd4dacff1bc09cf71f6042f5e2afb89b53db1333447b80def6815e58b324a5
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
648c9a624cd37f634e2af4464b65ac480dacebfd73d1c60d0d9f9063f2e25362
64a3b0d62991111449c66aecd89e3a791009ab343c8bbd295c051b165e831d0f
64c3b89541ca33d2eeeadf0a7b2730e85f6517758bb478d381186c4d58e945c5
64cd311081260097d34f79b99498ee73fdc817a629f9d7678401317c2cd54dc9
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
66dda5fa0f8f05dc23cb0a405c75607b04dc6adfd6079606eaec99fbed88facc
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8b78fe3e49244435de404c17af47b10b72e564b9c2e0adea38b74d8afd6946
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f902cd4244604287f63471af3b481b4dec3846d742a5edb557a9b3ad4b0de3a
71f87e540c02404c99e640a13e6b134d26a295c32012e9b8713789c79cbb47a4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7623e81086cf33b70d022c15467c4708e3a46a06140ada41af61d93992211401
76bba525b070fc8fa358de9626d0eb4815dc740910115c8b560749041ec25736
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77c32d6baa2fc6b1d615f0965434ec49d6dd99ca81ba343f36fc64c7f77754a0
78042eef17344194d24a4b40dbd51bd066b548ac4bf7efbbe4f6847f712a4e7b
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7ae3934f007c5668a430a121ae41421d6085effc72f612252274076e97497441
7c5768d550b4f308928feda083854e7886d51ee2bde57c49d03a46371c75dc41
7c907c63bf68b6afa5d3ca05bcce173900762e0eb58c0fc0b8635f7e4ff5dd82
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
7f099332b196217005707d477a5486f533f1259bb0dc205fde5a996f6e6fafcc
7fc87d749d45b796576fc12dfe98ec497d9e4cbd04e9ed4ddb160e33c910d77a
8127643e863b0771e92ccbf8ca191d56ab281b8d1750b0c064ee080d78359b50
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832d3d6a92e684c30eb9f9c0f4187545cb0c103645ee7c3f4f91cb5f4d46ffcb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836480c3e4a9aa54acedc28d9539c113cae8e1ea381ebdae1d3f7bc5850da977
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b2d197527d0ce7b8a97afa40f331fefb8d2ae10fcfad7ca1881784bf3c073f3
8c16ba9c233fa2dc3dcffd7e88d3c625c4938963d8d173d6b7ebb4763172b45a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8db68c65f05ec88a2f708861c871fff6340f92b24f42f3cf78d5f247b8a2818d
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907838ccabab2b1dc22f8614d985eacb86a04da9d97cf5e4bf8f5f02318e707d
9685966f38baada04e114a6b90a06bc0ca71eeaff4e42a694f657bb9b3aec140
97d03d9b36e2b7d108829b94735695dce99b5d34a3965397e2b3ba13ac8874be
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
9ba6d97eb305dd66e12077bfe4e73ba94e9bf6e932138e37ef20028d54079ddb
9c5203f8234220458f47b5303187a431e130032cf5362dbf19f35c5b63693e19
9c7007b2a6b24d85385a2f9051fb94dc87674259183216af03839590443368f5
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9d7e6a41a41889f1c7ba094a19627e8b5bb548fe8e905d43e0f3c0c9bf748b0e
9e8632bb62cb8ee4fccbcbcd0baaefc4e79f47efb981606d4ba1d6ab499687c2
9ee8564f9571951120c2f076afc16bbe6a23e34f6862fdae186e7303104a6090
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2450a08d1b70422fa6848f0d7387de99fb94ce532ec24d1748aad557a2860a6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3956b6c7e87de3d9e052814fa5ce9f6114e8a8e57b8ede79129808c26791180
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5cd3e23b9b29562a2d2ff57f920e7c30769c2bbe8c778206191bee884c61f13
a607f285a8e793ed2bda8f9da395cf56e80eec5a088089efbaefa5340f6b56f7
a6c1a4a64cad91138cc2da2e26ea2d61cea09ec4ddb93d818bbaf8203d0f8782
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a77416340ef4d50c1ad457ecaba7501d075b9d9aa019b4ebac8147268aa4ae1c
a7d18a2f2648b26ba7ca0d4a2d639d01172fe4e2d26e416c13ce291a817d3b07
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab9bf5356fde4d0a883d300594d2cd45afd6c6202955fd68e3a11a660b7f6396
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac2bf451821bda8f8efa7d6de2fd8a4f21b3072e9a9f3c38cf0743c5d75b403e
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a955d5e4f9bc19701dcfca5568ad72d96d143a1a25bc55c862dfc2280c0d7b
b2838c013485964dd95c878559dfc6b84932e1bc3d58d7e37b32bb63c5e6e222
b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c
b62d7cd1c784a57934dba9ddfd95df813d8d09c8e2c63b6fd2d6d1fc77943070
b63ca2dbcf9171f125880e9c7dfdd328c35b0e6ecf7e59ed1975421c1fc52b10
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b789d55d1e8e6bf830e4febf3d2203899395d153deb08979b807923fa2fb04e6
b7dd5104a683a930f8315f563366fd3e6c2b30ecf306060c65ef037bf1f5ea59
b9ce8b82f68dad846b707a6771d1bfcc2276a51457aa98195b4b46b711768177
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e
bd591de37c3cfc80aae4caf27152103ab575f78bd92193556e48c1aeb728e0de
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
c167d57f349ee749abdcf3d074257ad9942c0e55edb11408747c37d51ae88385
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4d2deee9efa1444fc8bff5bcb0da83b42665fbda5496b0d78ae52b7cdd26aff
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809
c6213aed1cf715e47b28ccdf8a0539c3572673e48da4c093084257c180f7bd01
c7cefd33b64a544e86b804168e695c0f7e4bebe824ff5dc68b10bf5ccf0cc1f9
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
c8985002f268ae0e88a430ffda3a3d906a6f0c08efbdca65bd86922e046a5118
c960beab74ffdb10178b7805fa66227341330b2c8fafb459c3a33eece8f9712b
c9797755743831b32e32cdf7199e269fa617b96df4ec423ad7d82414a4b80262
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce7efaa2a22ebe26b1804d276a8dfcac9ef2d536df967ddd924e6f4fd1b0afac
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d203c6cbaf3576433a7557816995ce325217a4a46e8ba96a93a89616e27c1d85
d33247e83dec1323d2ae9bc98565c27e5cef5f88de426ff218733bf8f7eeb05e
d54717b34b981fbbc941323dfd3391ca43c7d108296c0a3a4d7102c89ebb393a
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d6c98f2357580b791144c81e9cc0c04e61d5d66cf3abd5571d1f6935086fbfc6
d6cd0a1cf5f7d5a389b4faa08512dc4cee5b724c55bbc7d26c17d17529291a26
d930d6c143a80df7207da19ac3aa05424b6466384ac5a6a64930c8f36cc799f7
dada31613ec07643549dd0ba2fccbbbb2063c5af7ddd3e2377c6cdb5ade0cc04
db0ef5f49abb21772d8a5b122a3db52b7237b711ad13786b98629624a1c72ad7
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3
dbfca8f62f4d47d18aac3a1e3ef093fc746cee5fb2dc112f93f6faddfb11e575
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0133ad069dd9fc510b0c60d829f208f017e3ce216ccadb81472efa42c1519bd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e17b04fbaa36e4d655eacb04e8b380ba7bf4e970ee4dbe0e0d627289d3deca22
e26fd6d81da78c22e7646364f04a929f11313b9b12e04c181efa03135a83f03a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e029d067fad52660b4fe2dc769afd15806a944471fa0d44f9051b9cdced871
e4c29700b0114f6280ba441711d69a972954694942152d1a8bfe1b186ffb9e5c
e5c6f306a0a8f22c5ad8542b46dfd032d2ce1abecff03db35eeea72595255a4e
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea60c83228028b7ba7469c815c18f76d8513d237b9d00f3d71dd45926db9c926
eab89510b6fc25824331de313aa244ab5ffcf3836c3a9c8d01d01bb7b3564062
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec8f39a3f88b0cf3a001c5981eaa32271f80410cd9083561955c48fc2a0e0638
ed016889af6611a1a654e039e10f0aa66285d68199af13ec6bf33ee572757caf
ed4503cac3a473043ce40cdaa59190ac355ed5218ee80941b443ba1ff48c26b9
ed845309cbb4ba6687bdb3e03a5018929f36adfeb1964e1e81656f1b9d493603
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
ef5f338df7591ca6ce59e1eacd77e870502cc909d36ff9b1c3c4ec06f10a5eae
f43a7bc5d06852f4ec45a0adb0c55384fcf077a5b10f4a2c6403222270f9d475
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
faada89279d102f61abef5ae84646143acf3d16af0f5ebed0cde41f7fa884e22
fc6eb13198c4d3141d5a302a50f3e3b6e69bff1099894f7f435161579a72571a
fcb506a1d640d7702dce6efc99b35de675edbc65e5aeef96d547ab17105d1e4e
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64
ff9185c5b6810c6b41e2307e9da707adef8637c795a85442e8a14bd9b256c78b