urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
203.151.130.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sanook.com/
Effective URL: https://www.sanook.com/
Submission: On December 20 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 11 countries across 70 domains to perform 383 HTTP transactions. The main IP is 203.151.130.56, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 104874.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 203.151.130.56 4618 (INET-TH-A...)
4 151.101.1.44 54113 (FASTLY)
85 43.152.26.221 139341 (ACE-AS-AP...)
5 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.214 4618 (INET-TH-A...)
4 203.151.133.6 4618 (INET-TH-A...)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 142.250.185.130 15169 (GOOGLE)
1 36 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 61.91.93.46 7470 (TRUEINTER...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
5 184.30.16.195 16625 (AKAMAI-AS)
3 23.212.201.53 16625 (AKAMAI-AS)
2 18.66.27.31 16509 (AMAZON-02)
6 185.64.190.82 62713 (AS-PUBMATIC)
6 2a00:1450:400... 15169 (GOOGLE)
3 47.243.203.231 45102 (ALIBABA-C...)
16 2a00:1450:400... 15169 (GOOGLE)
10 2a02:2638:3::7 44788 (ASN-CRITE...)
7 185.64.189.112 62713 (AS-PUBMATIC)
13 2a00:1450:400... 15169 (GOOGLE)
1 77.245.57.78 36057 (WEBAIR-IN...)
3 95.101.149.35 16625 (AKAMAI-AS)
2 2602:803:c003... 26667 (RUBICONPR...)
3 34.98.64.218 396982 (GOOGLE-CL...)
2 8 185.89.211.84 29990 (ASN-APPNEX)
3 10 104.18.36.155 13335 (CLOUDFLAR...)
2 65.9.66.122 16509 (AMAZON-02)
1 2600:9000:244... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 198.47.127.19 3257 (GTT-BACKB...)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 2.18.96.175 16625 (AKAMAI-AS)
4 95.101.149.233 16625 (AKAMAI-AS)
4 162.19.138.82 16276 (OVH)
2 63.32.253.3 16509 (AMAZON-02)
3 43.152.26.154 139341 (ACE-AS-AP...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 69.173.144.138 26667 (RUBICONPR...)
2 15.197.193.217 16509 (AMAZON-02)
1 2 209.54.182.161 16509 (AMAZON-02)
6 12 172.217.18.98 15169 (GOOGLE)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.82.32.1 14618 (AMAZON-AES)
2 2 18.66.27.18 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
14 2a00:1450:400... 15169 (GOOGLE)
2 61.91.93.45 7470 (TRUEINTER...)
1 99.86.4.39 16509 (AMAZON-02)
1 23.197.10.19 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.195.52 54113 (FASTLY)
4 142.250.184.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.77.9.4 16509 (AMAZON-02)
2 162.19.138.116 16276 (OVH)
1 2600:9000:224... 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
1 1 192.96.203.13 30633 (LEASEWEB-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 162.210.196.208 30633 (LEASEWEB-...)
1 1 23.201.255.110 16625 (AKAMAI-AS)
1 18.66.20.160 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:6b8::90 13238 (YANDEX)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 216.52.2.86 32475 (SINGLEHOP...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... ()
1 35.241.31.249 ()
1 2 99.81.22.6 ()
1 1 151.101.66.49 ()
1 98.98.134.241 ()
1 18.185.66.38 ()
2 2 213.155.156.180 ()
3 3 46.228.174.117 ()
2 2 76.223.111.18 ()
1 2 51.89.9.253 ()
2 2600:9000:230... ()
4 2600:1f18:1ac... ()
383 92
6    203.151.130.56 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 56.130.151.203.sta.inet.co.th
www.sanook.com
graph.sanook.com
4    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
beacon.taboola.com
85    43.152.26.221 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
p3.isanook.com
5    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th
lvs2.truehits.in.th
4    203.151.133.6 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th
sal.isanook.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
t.ocmhood.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
36    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    61.91.93.46 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-46.static.asianet.co.th
sloth-api.sanook.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
5    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    23.212.201.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-53.deploy.static.akamaitechnologies.com
avd.innity.net
2    18.66.27.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-31.vie50.r.cloudfront.net
sb.scorecardresearch.com
6    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
t.pubmatic.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    47.243.203.231 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
avd.innity.com
16    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
10    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
grid.bidswitch.net
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
13    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
3    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
2    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
tencentth-d.openx.net
u.openx.net
google-bidout-d.openx.net
8    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2447:6600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    2.18.96.175 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-175.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    63.32.253.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    43.152.26.154 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
img-as.fsanook.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    54.82.32.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-32-1.compute-1.amazonaws.com
i.liadm.com
2    18.66.27.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-18.vie50.r.cloudfront.net
live.rezync.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2a05:d018:d29:3601:7018:7dc3:a4e8:e820 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
14    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    61.91.93.45 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th
dc.sanook.com
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
1    151.101.195.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    54.77.9.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2600:9000:2240:1200:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    192.96.203.13 (Dunellen, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
1    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    162.210.196.208 (Bowie, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
hb.aralego.com
1    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.66.20.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-20-160.vie50.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
1    2606:4700:10::6816:4192 (None, )

ASN- ()
j.adlooxtracking.com
1    35.241.31.249 (None, )

ASN- ()
data00.adlooxtracking.com
2    99.81.22.6 (None, )

ASN- ()
fw.adsafeprotected.com
1    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
1    18.185.66.38 (None, )

ASN- ()
x.bidswitch.net
2    213.155.156.180 (None, )

ASN- ()
d5p.de17a.com
3    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
2    51.89.9.253 (None, )

ASN- ()
onetag-sys.com
2    2600:9000:2304:a000:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
4    2600:1f18:1aca:4282:555f:ca72:a70a:758f (None, )

ASN- ()
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
89 isanook.com
s.isanook.com — Cisco Umbrella Rank: 97809
p3.isanook.com — Cisco Umbrella Rank: 122128
sal.isanook.com — Cisco Umbrella Rank: 116013
1 MB
47 googlesyndication.com
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
335 KB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
532 KB
25 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
75 KB
19 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
ut.pubmatic.com — Cisco Umbrella Rank: 7777
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
t.pubmatic.com — Cisco Umbrella Rank: 3146
266 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
9 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
6 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
23 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
30 KB
9 sanook.com
www.sanook.com — Cisco Umbrella Rank: 104874
graph.sanook.com — Cisco Umbrella Rank: 204373
sloth-api.sanook.com — Cisco Umbrella Rank: 169224
dc.sanook.com — Cisco Umbrella Rank: 118481
51 KB
8 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
171 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
79 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
68 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
351 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
25 KB
5 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 147375
u.openx.net — Cisco Umbrella Rank: 672
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6765
752 B
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
99 KB
4 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30716
sync.aralego.com — Cisco Umbrella Rank: 2837
hb.aralego.com — Cisco Umbrella Rank: 30104
1 KB
4 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24966
j.adlooxtracking.com
data00.adlooxtracking.com
31 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
beacon.taboola.com — Cisco Umbrella Rank: 15997
7 KB
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net
668 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
a.ad.gt — Cisco Umbrella Rank: 1869
5 KB
3 fsanook.com
img-as.fsanook.com — Cisco Umbrella Rank: 173590
325 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
1 KB
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 35648
2 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 47448
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 50150
t.ocmhood.com — Cisco Umbrella Rank: 11511
13 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
261 KB
2 onetag-sys.com
onetag-sys.com
585 B
2 3lift.com
eb2.3lift.com
957 B
2 1rx.io
sync.1rx.io
2 KB
2 de17a.com
d5p.de17a.com
647 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
865 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
547 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
94 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
569 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 146566
rtbpass.andbeyond.media — Cisco Umbrella Rank: 58952
187 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 92995
9 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
574 B
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 everesttech.net
sync-tm.everesttech.net
543 B
1 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 22777
920 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
645 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
400 B
1 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 12645
441 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16103
5 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
16 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 22565
4 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1790
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 26379
397 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
602 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
api.rlcdn.com Failed
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
349 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 KB
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 52663
691 B
383 70
Domain Requested by
80 s.isanook.com www.sanook.com
29 pagead2.googlesyndication.com securepubads.g.doubleclick.net
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.sanook.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.sanook.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.sanook.com
googleads.g.doubleclick.net
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.sanook.com
12 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
8 ib.adnxs.com 2 redirects ads.pubmatic.com
acdn.adnxs.com
rtbpass.andbeyond.media
googleads.g.doubleclick.net
8 bidder.criteo.com static.criteo.net
rtbpass.andbeyond.media
7 hbopenbid.pubmatic.com ads.pubmatic.com
rtbpass.andbeyond.media
7 www.google.com 1 redirects www.sanook.com
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
5 t.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
5 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
5 www.google.de www.sanook.com
5 region1.analytics.google.com www.googletagmanager.com
5 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
5 static.criteo.net www.sanook.com
s.isanook.com
securepubads.g.doubleclick.net
4 dt.adsafeprotected.com 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
4 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
ads.aralego.com
4 gum.criteo.com 1 redirects static.criteo.net
ads.pubmatic.com
4 graph.sanook.com s.isanook.com
4 sal.isanook.com www.sanook.com
3 c.amazon-adsystem.com www.sanook.com
c.amazon-adsystem.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 img-as.fsanook.com www.sanook.com
3 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 a.teads.tv ads.pubmatic.com
rtbpass.andbeyond.media
3 avd.innity.com avd.innity.net
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
www.google-analytics.com
2 static.adsafeprotected.com 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
2 onetag-sys.com 1 redirects 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 grid.bidswitch.net rtbpass.andbeyond.media
2 script.4dex.io rtbpass.andbeyond.media
script.4dex.io
2 sync.aralego.com ads.aralego.com
2 bam.nr-data.net js-agent.newrelic.com
2 lb.eu-1-id5-sync.com ads.pubmatic.com
cdn.id5-sync.com
2 s0.2mdn.net 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
2 id.hadron.ad.gt cdn.hadronid.net
2 dc.sanook.com www.sanook.com
2 p.adlooxtracking.com www.sanook.com
p.adlooxtracking.com
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
2 token.rubiconproject.com eus.rubiconproject.com
2 oajs.openx.net 1 redirects www.sanook.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.sanook.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.sanook.com
2 fastlane.rubiconproject.com ads.pubmatic.com
rtbpass.andbeyond.media
2 sb.scorecardresearch.com p3.isanook.com
www.sanook.com
2 t.ocmhood.com sdk.ocmhood.com
2 beacon.taboola.com www.sanook.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 cdn.taboola.com www.sanook.com
cdn.taboola.com
2 www.sanook.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 x.bidswitch.net 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 data00.adlooxtracking.com j.adlooxtracking.com
1 j.adlooxtracking.com www.sanook.com
1 rtb.adpone.com rtbpass.andbeyond.media
1 hb.aralego.com rtbpass.andbeyond.media
1 prebid.media.net rtbpass.andbeyond.media
1 ap.lijit.com rtbpass.andbeyond.media
1 mp.4dex.io rtbpass.andbeyond.media
1 bs.yandex.ru rtbpass.andbeyond.media
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure-assets.rubiconproject.com 1 redirects
1 cdn.aralego.net
1 ads.aralego.com 1 redirects
1 js-agent.newrelic.com www.sanook.com
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 a.ad.gt cdn.hadronid.net
1 id.crwdcntrl.net ads.pubmatic.com
1 rtbpass.andbeyond.media www.sanook.com
1 cdn.hadronid.net www.sanook.com
1 secure.cdn.fastclick.net www.sanook.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rtbdemand.apiip.net www.sanook.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 acdn.adnxs.com ads.pubmatic.com
1 u.openx.net ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com ads.pubmatic.com
1 tencentth-d.openx.net ads.pubmatic.com
1 rtb-eu.andbeyond.media ads.pubmatic.com
1 ut.pubmatic.com ads.pubmatic.com
1 mug.criteo.com www.sanook.com
1 sloth-api.sanook.com s.isanook.com
1 www.facebook.com www.sanook.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 sdk.ocmhood.com cdn.taboola.com
0 api.rlcdn.com Failed ads.pubmatic.com
383 120
Subject Issuer Validity Valid
*.sanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-16 -
2024-07-16		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.isanook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-10-23		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-28 -
2023-12-27		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-25 -
2024-01-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.fsanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-06 -
2024-01-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-12-10 -
2024-01-09		 a month crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-01-24		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
adlooxtracking.com
GTS CA 1P5		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.adlooxtracking.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh

This page contains 32 frames:

Primary Page: https://www.sanook.com/
Frame ID: 6075ED0DAEDDC4431ADB14330F21FC3B
Requests: 256 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: C191756D522E8B73F7C20BF79C778198
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 7EFB8395EBB02D59AD0C116FA11F26E9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: F95C834A561B0551FBFBC6D732EBD511
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 397E0EE0B45B48BF324B8D9E174DC039
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 1AF8D66D0D418C088EB7166D1EAF71F3
Requests: 1 HTTP requests in this frame

Frame: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04FD5647E88606CBD67CBA38D43EC831
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B9EE37F55A5DB8D9D32C686F14D00A05
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 02D6F2E9AD556B052E4680599BFA0686
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 55E49D1C2E7671E7AC4FF0667D1058B4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 448F176348EB822FEC9D0F90EBBA08B5
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss7vyah_-YZ0SZZ_U7kkNRDVTtlbfNt4mzNP2slA-UiKocBZ2Tyn43C2J8Y8rPgGn2s023JRUMiC3KWA8valQIItjdRGpOWU7LLyJEzQRQjVIDQx1UEhcM_XNXveAsPnv_6tyRvN_gMpGeWpXuVaDQNyyxjV97q8Zy6mcCHJKHrAzgmz0TYVDGvIPi4r7D0gCOgGxCKSSF2NeFzpDETOWShCjzaHv4kdp0fIX6EZQKTPzzmTst80mBTq54GdhBhU-MMiz-nLNmzANK90qAG-Zb1I4UUDv7CFZCpscsBeMG8HHpjRA9_tOGTj7JxjsbdV1Xy55OLaIckmU6qltAhJb346Z6G6PDn9AV8ppWhFWTa2VV4HMr7Fd5zjJVK5Y&sai=AMfl-YS04_wCu08WZ0IEns0RW5XVgb4Un-l8IR93PMoyRFvGgmbVX-3WMIwq101i728c6lVIhQZuGqvTflsnyWjTt_qjWpuH_XeTdQePEyBRq2INY3cddmNVT061icAkMIWOu9_ScPVHcjUnW0051jz03HQ&sig=Cg0ArKJSzGrbs6xtVMntEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AC65586FF624888C21E22B901F307D44
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscLueSV_Ci-SAlECwNSKQ73R2jDL2oFcWkFQlWfkkrxR9Q5eFkbhm3qrPDEg2SXnnqQwzdpbffznZYe0V2DcKHSc6cZJ-GNEYBwFgeV57E6qF3rhl3TfYH8w6PHKs0bWS5v7DDcX3ZlLVktVmaLeeqUz8TkW1YRKIWbIuAzbcIw_a_Bz4FiaZ8JoAPSd90J1wnx87NwL61m5S_h3BwFc9tjz8rsLHELKJq6e_CZYWPcOUJcQNl-P5UfVQCh2U6wJgzOvL-O2gL3O73zwxZkuZAFEWpNIFnyUbT6VywwM1BdHIIQzQAlRTpRzZbJxWwBd6EjcF2RnynTiYdAK9Uy6RvOwRG1q5AoMjJSebEKgzulScDlLsq0v_jaCfa&sai=AMfl-YQbVlp7423cyRCvgsfcn8eFRARx7wbiH6qy3uYdeY8SVY3bdV5Q5tHwHsmIu5YUrDZJ00NZWQwCFRIJJkfuJtyQMPekgqJ4dsx3dEIWjmywHJMJ3uFyZGk6ifuNyk-bluqlvovk_gMIr9FAzx_gskk&sig=Cg0ArKJSzIFDF8F4rxHZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D5EA508125091B030BC00F63B22BEC0D
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BC2E512000F3CF523A71A00D8F7AF1D5
Requests: 10 HTTP requests in this frame

Frame: https://db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9F0BA3356679B92EE6420BD0E322430A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 868FB9872832B8CB30F77A8985949ACA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthLhSeikwU9RFNZ2Zw5gUzKRIdM-Dx_XJi5ENujOX69SuLo4D9rdiUhlodJ0V-_7frTjI_GbpzNyjQX2vweP3MLIg0ZUVigxw-Zg-iTP_BrHZzq5GhTsvCvSATiEoX3hJAuhHo-4DAZuXvbWM3ehTqAT9_04ABoulfMUjytGcnwCqpKBcoXm2ZYHWK49F6MKItC18v-YqKxBfht2nxXyBQEmGzOlOkk4LrnD0ED25Z7WahREyZw1MVsnpaFHowUK8nKZ8t8DBRd0_hKHyi2wJeccHRQI6QIrr-Afu6KQcNl6l9VPEVbhvPG9RJMFCRbmrhWTEu15oC3Mr_9KNfeM9rnJBpXpFf&sai=AMfl-YQyCotTqxd-mCLSwcbz11Ct2eWxHhYYzGYfsgJPuKwN6AcJF5_IbQMlm58-hjWqikDEq_OC3ePnRp9Eyd3H9fQ7okm4xDqeTB5WhHqflQEFkJaua0Uo8oP_lWLp7g&sig=Cg0ArKJSzJgTa2cEEJ22EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A0A899E699135EE0094B61CA76CB839F
Requests: 3 HTTP requests in this frame

Frame: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC08928EAA86E3926A783A38071D2273
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNUPC0VQRmUX4UhYfdTcuMCgXu1bEY0nd0VR1Q8hC6FT2PmyJTTps2UilBo-RhKHJz0lIUri7C1uy-_Ui-9O3sjJywAZ6w
Frame ID: 58900F141B20D09143F548043EC5F60E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36F5CED7E8F8DC2DA36D5A4A181C175D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31C725BEF5E82FB9C116E8C11218F456
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED8603D881EFD270725F1822A42BA442
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 508F6113A353A5875BB9419F54A46907
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: 177757485AD843CF9D0D30B34B0FF513
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B425D71EABC32CC1A8A3AB593B44A808
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9395788CB83F3A077BE74427EB7E87BA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1C350AC0044721A93A5ECD71F5E4FF2F
Requests: 3 HTTP requests in this frame

Frame: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 500CE8D44A1BE4A7E71B8B1DABAFA9B2
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Frame ID: C9ABDBBB0F6B8B44C20EC311C9DDA18E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 914FA16768A542E3F3201C81C27ED8EB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8C3BF7026CA6836F1180928D0DF5FFC1
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 17492636E9BEE46ECAA43502F10A1CFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

383
Requests

94 %
HTTPS

38 %
IPv6

70
Domains

120
Subdomains

92
IPs

11
Countries

4542 kB
Transfer

13745 kB
Size

62
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1368951224.1703058619&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=u5yCZd-mCYuQ-cAP5tWPwAk&sscte=1&crd=&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGeVRe25qbB3rqtXzQm1VHD-dfZBt8d2Qnc&pscrd=Ek5DaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVlBaUQwSi1YUjNKQjB5LVFHeldsM2JvTHN0ZW8zNnAyaHliTDdsbHZRVXE0YmlJTzI0U2caWkNoRUlnSnVGckFZUXpLRGJzNVdJeWZLdkFSSXVBUHBDa1M4OXNPSVY2TGNFMGRzcFc5Q3N5M1pld0RVQXRCQVRSRTJaQUt2OG04M3l5NUgwTW42WmhGbDNNQSITCJ_wmuDDnYMDFQtIHgId5uoDmA HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1368951224.1703058619&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVlBaUQwSi1YUjNKQjB5LVFHeldsM2JvTHN0ZW8zNnAyaHliTDdsbHZRVXE0YmlJTzI0U2caWkNoRUlnSnVGckFZUXpLRGJzNVdJeWZLdkFSSXVBUHBDa1M4OXNPSVY2TGNFMGRzcFc5Q3N5M1pld0RVQXRCQVRSRTJaQUt2OG04M3l5NUgwTW42WmhGbDNNQSITCJ_wmuDDnYMDFQtIHgId5uoDmA&is_vtc=1&ocp_id=u5yCZd-mCYuQ-cAP5tWPwAk&cid=CAQSKQAvHhf_zkq7ewDwjFrOhXPMG6oYNF7wo4h7loM2lB-kR_6UmatB7bYr&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGe68shFtW3u284_6YV_dFua_BrvHK15Rug&random=208336689 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1368951224.1703058619&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVlBaUQwSi1YUjNKQjB5LVFHeldsM2JvTHN0ZW8zNnAyaHliTDdsbHZRVXE0YmlJTzI0U2caWkNoRUlnSnVGckFZUXpLRGJzNVdJeWZLdkFSSXVBUHBDa1M4OXNPSVY2TGNFMGRzcFc5Q3N5M1pld0RVQXRCQVRSRTJaQUt2OG04M3l5NUgwTW42WmhGbDNNQSITCJ_wmuDDnYMDFQtIHgId5uoDmA&is_vtc=1&ocp_id=u5yCZd-mCYuQ-cAP5tWPwAk&cid=CAQSKQAvHhf_zkq7ewDwjFrOhXPMG6oYNF7wo4h7loM2lB-kR_6UmatB7bYr&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGe68shFtW3u284_6YV_dFua_BrvHK15Rug&random=208336689&ipr=y
Request Chain 117
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EznRq3xvTnNpYy94NGo2VVlJYVRkOVFIbmpxRmg0TDZlS2QyMlBhalVBa2k2cDdxd1gzdVk4REt2dE1rWVRqQXpWUnF2TTVKMytUSy9RR0RiaHlqbFArcUUrOG0zOSsyZnZNM0pSNFc0aUhlb1lub3IxRWl1bHlHWDFUbEJnUzU3cFBTcC9lTGZaMlFFeGl2L3B3UHhEREhKT2JlTmVsVDV3cnYyTnNVUTVJcXdJOGlRUG50a2ZvaExqbEVLcmQ5bi9UdXRIdWlLVC8yYmJhY1pkWVZXak1FSzVzaU85ejhWcVFDemNOTW1jdTBDTzZSUFRFZGF6cXQ0M3Z4T1JGdUpPOE9UdW15VFhGaFNaZG8ycldQU2VwaGZldz09fA&cppv=2
Request Chain 181
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Request Chain 182
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 183
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 187
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 188
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYKcvGXeAy9bBapzKW59LwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE39fp4_XVCYVHFbhlIEE2w&google_cver=1
Request Chain 190
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3e0fdf1d-fd6f-4f9d-3f485a6c
Request Chain 192
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYKcvGXeAy9bBapzKW59LwAA%265240&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYKcvGXeAy9bBapzKW59LwAA%265240&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=65abd51b1bd04494ba3627fc6af8682c HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=65abd51b-1bd0-4494-ba36-27fc6af8682c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db56389da-8c74-4b6b-95ea-33bb0d75d282%253A1703058621.9797497%26_%3D1703058621.9820776&cb=1703058621.9821303 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529426099730&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db56389da-8c74-4b6b-95ea-33bb0d75d282%253A1703058621.9797497%26_%3D1703058621.9820776 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&_=1703058621.9820776
Request Chain 306
  • https://ads.aralego.com/cookiesync HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Request Chain 308
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Request Chain 349
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKcvGXeAy9bBapzKW59LwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEObA-XGnbUOxV8E9-w3nMVI&google_cver=1
Request Chain 351
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NTIxMjUyMjc5Njg5NTgxMQ%3D%3D
Request Chain 365
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDC-1uXHYWJRWtBgOEc9G0w&google_cver=1&google_push=AXcoOmT6JdmdHj2VYu9OR8zT7-3jML3fCNmQlM7U53iWDPR1ksyxtyH3susokB_8iQuP3bPlCuTVXP-50jCD-FXM7jPiZO1O2Sk_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDC-1uXHYWJRWtBgOEc9G0w&google_push=AXcoOmT6JdmdHj2VYu9OR8zT7-3jML3fCNmQlM7U53iWDPR1ksyxtyH3susokB_8iQuP3bPlCuTVXP-50jCD-FXM7jPiZO1O2Sk_
Request Chain 368
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELCmx638Q5PHqPcNy2gK8Lo&google_cver=1&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELCmx638Q5PHqPcNy2gK8Lo&google_cver=1&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_
Request Chain 369
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDtp7dfCOqbJUhWziSZAsC4&google_cver=1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703058649131 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-54555fa4-b080-4835-a2f7-ad1e9f0f04ef-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx%26google_hm%3DA1RVX6SwgEg1ovetHp8PBO8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&google_hm=A1RVX6SwgEg1ovetHp8PBO8
Request Chain 370
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN3La_jqE388aunVRt6WQTE&google_cver=1&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U&google_gid=CAESEN3La_jqE388aunVRt6WQTE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTYwOTgxNTA3NDAxMDI5MzAwNw%3D%3D&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U
Request Chain 371
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECtc_w2OOXUtUoeV1zVnjOw&google_cver=1&google_push=AXcoOmSG-C85ZP4xgE7tanICFKIE-EO9Xwh0FMGqxjibTW5OfztPvmCvf2jQktpwk2SVu5yPXF8bI2d2Y-2LC0LhoKp3KP9btcUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSG-C85ZP4xgE7tanICFKIE-EO9Xwh0FMGqxjibTW5OfztPvmCvf2jQktpwk2SVu5yPXF8bI2d2Y-2LC0LhoKp3KP9btcUu HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 376
  • https://fw.adsafeprotected.com/rfw/st/1701938/75545082/4.js?ias_dspID=3&ias_campId=1014402368&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20630548969&bidurl=https://www.sanook.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j-eSh_baZZ8e3uPfZ_otwH&adContainerId=gcc_2JyCZZr9PPypjuwPi-2Z0As&cbFunctionName=goog_wrapCb_2JyCZZr9PPypjuwPi-2Z0As&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.sanook.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.sanook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e2a4f5b4-b4cf-6c64-c205-f820b0ae8978,c:xkdaCa,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-gzxq4,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tYXOx4S+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.1701938-75545082%7C1p1%7C1p2%7C1p3,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:13,oid:7da58f27-9f0c-11ee-abbe-46df931b3035,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_2JyCZZr9PPypjuwPi-2Z0As&cbFunctionName=goog_wrapCb_2JyCZZr9PPypjuwPi-2Z0As&true_pb=

383 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • http://www.sanook.com/
  • https://www.sanook.com/
323 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
56.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
70e89c9616e7673e29b7991a637d7d7051914797b401a4d55bb3d4732842c641
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, s-maxage=15, max-age=5, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Dec 2023 07:50:18 GMT
Proxy-Cache-Status
HIT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human

Redirect headers

Connection
keep-alive
Content-Length
151
Content-Type
text/html
Date
Wed, 20 Dec 2023 07:50:17 GMT
Location
https://www.sanook.com/
Proxy-Cache-Status
STALE
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
User-Agent, Accept-Encoding
X-Cache-Status
MISS
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1011713/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
OfFW3qSCFTk8stQse__31i5akmTWt65R
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Dec 2023 07:50:18 GMT
x-amz-request-id
ZMG3RW8S6FTNEXDA
age
28714
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5678
x-amz-id-2
lYikduKiHWPqw5wyPpLzfseipavbrInZd5hcEZ+b8CIaIVZU2u/y7NSNOhVHrG6EeCuZDh8ZtL0=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 26 Oct 2023 09:07:03 GMT
server
AmazonS3
x-timer
S1703058619.533290,VS0,VE1
etag
"e2595c8172706b041a90c945e3638320"
vary
Accept-Encoding
content-type
application/octet-stream
abp
49
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 19:47:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
1087
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1092774516751619409
accept-ranges
bytes
content-length
550
expires
Fri, 15 Dec 2023 19:47:18 GMT
publishertag.js
static.criteo.net/js/ld/ 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:50:18 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:21:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
age
430522
etag
"5296e90f-177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7306719467535965003
accept-ranges
bytes
content-length
266
expires
Sun, 24 Dec 2023 03:21:21 GMT
gtm.js
www.googletagmanager.com/ 		291 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73aca4fc273d9dc96c03f6fe1390d48f54fb71f58bd0bb3a1830117434d2009a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94797
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 07:50:18 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
99bceaf8b7d56a04c4529d33ed5bdea71fb0396ee8a9abdd787b52b6e878a837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
last-modified
Thu, 14 Dec 2023 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
8719
expires
Wed, 27 Dec 2023 7:50:19 GMT
a102.js
sal.isanook.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
ETag
W/"5f311202-5de3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 19 Jan 2024 07:50:21 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Dec 2023 07:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
umPzohfolMFP66OA4O/0x2Mi8Kz4xHPTQ8t1FGWF8IaZht01p0HBRJIOl1ZEmevTolnG6v6i9PQ1mFHO8DFhGQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5271
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 07 Dec 2023 11:01:57 GMT
server
cloudflare
etag
W/"6571a625-2ef3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vi%2B4EiUtx2jToFiFngsPtXDQyh25tj80KXxsYBrKGq%2Fwo68B4ZgNQjbV3b4vdseXoPlE2T3ulUcoS2xejCal6pvqqmPr%2FzScxValUXd9RIaKty%2BrjpdPL547U7tS8WNepZ3%2FlkSp1H%2FFUFiThg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83864b303f54bbef-FRA
0edade65c094e5997049.css
s.isanook.com/sr/0/_next/static/css/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/0edade65c094e5997049.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:56:45 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
44218
server
Lego Server
age
13
etag
W/"657283d1-acba"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
1175796918573518109
accept-ranges
bytes
content-length
9110
expires
Sun, 07 Jan 2024 02:56:13 GMT
webpack-cc9b2cdab5ccbd15e05c.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-cc9b2cdab5ccbd15e05c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3c10c54eacf495a5e2b88d4c27cc80545015a2c5ad53125324a52e9d6dabd10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:43:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9638
server
Lego Server
age
52
etag
W/"658261d3-25a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
18155747609114908223
accept-ranges
bytes
content-length
4807
expires
Fri, 19 Jan 2024 03:41:28 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
150360
server
Lego Server
age
0
etag
W/"6565dcad-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3767153877227419809
accept-ranges
bytes
content-length
45781
expires
Fri, 29 Dec 2023 02:17:47 GMT
main-6fc29b940dae36eaf931.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 06:30:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 24 Nov 2023 04:03:16 GMT
server
Lego Server
age
0
etag
W/"65602084-12ae6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5670509111178381818
accept-ranges
bytes
content-length
23882
expires
Sun, 24 Dec 2023 06:30:22 GMT
_app-8a207e855bdf22ab3198.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		810 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-8a207e855bdf22ab3198.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
66cbd1268a65ce2fd800b77c2428bde15e551664edcb672b00018a2ab9884b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:46:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
829895
server
Lego Server
age
0
etag
W/"658137e7-ca9c7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
781536574874350969
accept-ranges
bytes
content-length
195550
expires
Thu, 18 Jan 2024 06:46:27 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:26:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11966
server
Lego Server
age
3311
etag
W/"65544f53-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15477345006261569479
accept-ranges
bytes
content-length
2738
expires
Sat, 16 Dec 2023 03:26:04 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 19:34:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13794
server
Lego Server
age
106062
etag
W/"65544f52-35e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17767919360761518137
accept-ranges
bytes
content-length
4712
expires
Fri, 15 Dec 2023 19:34:52 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:27:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
50816
server
Lego Server
age
42575
etag
W/"656405c9-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4401499950834014039
accept-ranges
bytes
content-length
16570
expires
Wed, 27 Dec 2023 04:27:48 GMT
3253-53ff7ff6e0b6ee493cc0.js
s.isanook.com/sr/0/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3253-53ff7ff6e0b6ee493cc0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:15:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
24873
server
Lego Server
age
0
etag
W/"656405c8-6129"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12275596143805870420
accept-ranges
bytes
content-length
7144
expires
Thu, 28 Dec 2023 01:15:33 GMT
6261-0b9100df4de35e339621.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6261-0b9100df4de35e339621.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29406
server
Lego Server
age
562116
etag
W/"6556d42e-72de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2964864535863136403
accept-ranges
bytes
content-length
6698
expires
Sun, 17 Dec 2023 02:51:34 GMT
2144-fc95701658e9dbc62ba5.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2144-fc95701658e9dbc62ba5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 03:45:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9691
server
Lego Server
age
2165
etag
W/"6572d774-25db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4012121813990994219
accept-ranges
bytes
content-length
3394
expires
Tue, 09 Jan 2024 03:45:39 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:40:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6871
server
Lego Server
age
0
etag
W/"65446ebe-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2649233939912797871
accept-ranges
bytes
content-length
2537
expires
Wed, 06 Dec 2023 03:40:02 GMT
617-ce3dea63b3c20710b129.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-ce3dea63b3c20710b129.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:09:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16030
server
Lego Server
age
0
etag
W/"65544f54-3e9e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16360490846361700282
accept-ranges
bytes
content-length
4551
expires
Sat, 16 Dec 2023 03:09:32 GMT
3051-bf42533dcd722fe36384.js
s.isanook.com/sr/0/_next/static/chunks/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:25:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 24 Nov 2023 04:03:17 GMT
server
Lego Server
age
0
etag
W/"65602085-1496c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17738774507989044991
accept-ranges
bytes
content-length
26664
expires
Mon, 25 Dec 2023 08:25:48 GMT
5616-5f8425f3631c502b5b56.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:29:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
9072
server
Lego Server
age
239022
etag
W/"6572d775-2370"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16016714051001992924
accept-ranges
bytes
content-length
3074
expires
Mon, 08 Jan 2024 12:29:36 GMT
6066-d50250a536141f89d39a.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 03:10:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"6557286a-95e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3344702194086001821
accept-ranges
bytes
content-length
9981
expires
Wed, 20 Dec 2023 03:10:10 GMT
5949-ac9935b6efbd2da19187.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5949-ac9935b6efbd2da19187.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:00:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
4674
server
Lego Server
age
41784
etag
W/"651e244e-1242"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12059712109728236732
accept-ranges
bytes
content-length
2126
expires
Sun, 31 Dec 2023 13:58:55 GMT
6876-8ff5ec0b004769cf30cd.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6876-8ff5ec0b004769cf30cd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:36:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11452
server
Lego Server
age
0
etag
W/"656405ca-2cbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18175868591655647499
accept-ranges
bytes
content-length
3894
expires
Wed, 27 Dec 2023 09:36:30 GMT
9826-a6b080a9d148f6d33282.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9826-a6b080a9d148f6d33282.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
51343
server
Lego Server
age
0
etag
W/"656d3d79-c88f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11518857123845086842
accept-ranges
bytes
content-length
7614
expires
Wed, 03 Jan 2024 03:20:51 GMT
5503-dfc6b47486d6999a9a65.js
s.isanook.com/sr/0/_next/static/chunks/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5503-dfc6b47486d6999a9a65.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
19b40828f35aad4ecd875b029b522cfc31d2991b8c27fa001e27598245127057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:13:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
35778
server
Lego Server
age
92
etag
W/"657fb767-8bc2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3241753638955965034
accept-ranges
bytes
content-length
6889
expires
Wed, 17 Jan 2024 03:11:37 GMT
1190-c1de33e99ee7a2b6b923.js
s.isanook.com/sr/0/_next/static/chunks/ 		210 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1190-c1de33e99ee7a2b6b923.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
aacae4092a3c76743ece198017d03a00476a59bfee4e141b1a46bdc0caeb0a93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:11:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
215033
server
Lego Server
age
63
etag
W/"657fb767-347f9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10376247703330717766
accept-ranges
bytes
content-length
44697
expires
Wed, 17 Jan 2024 03:11:36 GMT
3316-1075f88424a7f97fd556.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-1075f88424a7f97fd556.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18017
server
Lego Server
age
6
etag
W/"656d3d76-4661"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3735780044074864673
accept-ranges
bytes
content-length
4335
expires
Wed, 03 Jan 2024 03:20:51 GMT
5269-b7e44080fa2ad5a29a4f.js
s.isanook.com/sr/0/_next/static/chunks/ 		248 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5269-b7e44080fa2ad5a29a4f.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:56:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
253795
server
Lego Server
age
8
etag
W/"657283d0-3df63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
762454965701995690
accept-ranges
bytes
content-length
18893
expires
Sun, 07 Jan 2024 02:56:12 GMT
4374-91615dc559f3faf9c086.js
s.isanook.com/sr/0/_next/static/chunks/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4374-91615dc559f3faf9c086.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:20:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
17102
server
Lego Server
age
12
etag
W/"656d3d79-42ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12502495506117226735
accept-ranges
bytes
content-length
3785
expires
Wed, 03 Jan 2024 03:20:51 GMT
7634-04c472fae60f45a849a0.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-04c472fae60f45a849a0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:56:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
14298
server
Lego Server
age
24
etag
W/"657283cf-37da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3908177010932510706
accept-ranges
bytes
content-length
2627
expires
Sun, 07 Jan 2024 02:56:16 GMT
9063-94a08e25bf4dc2bdaf80.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9063-94a08e25bf4dc2bdaf80.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:56:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11925
server
Lego Server
age
6696
etag
W/"657283d0-2e95"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9996158180414515732
accept-ranges
bytes
content-length
3791
expires
Sun, 07 Jan 2024 02:56:12 GMT
2511-f871ee9e29fdbfa53ccc.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2511-f871ee9e29fdbfa53ccc.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:00:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16119
server
Lego Server
age
144
etag
W/"657283d0-3ef7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12602109191611599584
accept-ranges
bytes
content-length
3109
expires
Sun, 07 Jan 2024 02:57:02 GMT
7605-85e9d31bd7efd778ba22.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7605-85e9d31bd7efd778ba22.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 15:02:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18841
server
Lego Server
age
0
etag
W/"6572d775-4999"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12263341973784107659
accept-ranges
bytes
content-length
2993
expires
Tue, 09 Jan 2024 15:02:21 GMT
2820-202f6e506eae7595d2a9.js
s.isanook.com/sr/0/_next/static/chunks/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2820-202f6e506eae7595d2a9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:26:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
14976
server
Lego Server
age
0
etag
W/"6577d102-3a80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10095161745714913060
accept-ranges
bytes
content-length
3481
expires
Thu, 11 Jan 2024 04:26:26 GMT
1918-d561770b85deea6d272c.js
s.isanook.com/sr/0/_next/static/chunks/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1918-d561770b85deea6d272c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fe00fe0cd2d9d5daf36801a5e2a5b72a39090003ed239fd412a0e789b2e97c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:57:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
41803
server
Lego Server
age
0
etag
W/"657283cf-a34b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15251749008300315961
accept-ranges
bytes
content-length
9255
expires
Sun, 07 Jan 2024 02:57:01 GMT
firstpage-1481aea0fafaedc6930c.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		271 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-1481aea0fafaedc6930c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
04bcd0aa4a3785e8142d178adbf96730f06f349d38594dc187ba27563ca6db39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:14:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
277550
server
Lego Server
age
2
etag
W/"657fb769-43c2e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10050612596358510810
accept-ranges
bytes
content-length
44294
expires
Wed, 17 Jan 2024 03:11:59 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/A-bY7Xhh31OIsxrXnmFsk/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/A-bY7Xhh31OIsxrXnmFsk/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4eec4089844922556f5a1709036f737cec18ea98cb97d30ae4e6660ca772fa48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:43:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
27526
server
Lego Server
age
90
etag
W/"65826181-6b86"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6964594194255959331
accept-ranges
bytes
content-length
6921
expires
Fri, 19 Jan 2024 03:41:27 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/A-bY7Xhh31OIsxrXnmFsk/ 		77 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/A-bY7Xhh31OIsxrXnmFsk/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:43:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
77
server
Lego Server
age
75
etag
"65826181-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7149996984542738135
accept-ranges
bytes
content-length
61
expires
Fri, 19 Jan 2024 03:41:26 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:41:44 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"4d5107cb-2b"
vary
Accept-Encoding
content-type
image/gif
x-nws-log-uuid
14805619226221088752
accept-ranges
bytes
content-length
43
expires
Sat, 06 Jan 2024 09:41:44 GMT
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:44:54 GMT
x-cache-lookup
Cache Hit
x-original-content-length
2847
server
Lego Server
age
0
etag
W/"PSA-aj-i2eaSDRS-j"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
4974094263015789396
accept-ranges
bytes
content-length
2056
expires
Fri, 05 Jan 2024 01:49:42 GMT
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:38:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
W/"6566d827-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5713848203990709124
accept-ranges
bytes
content-length
548
expires
Fri, 29 Dec 2023 08:38:39 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:29:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 12 Dec 2023 05:26:15 GMT
server
Lego Server
age
0
etag
W/"6577eef7-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5558921525808848684
accept-ranges
bytes
content-length
1827
expires
Thu, 11 Jan 2024 08:29:42 GMT
wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 01:49:42 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"656d3da2-bec"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
5812996669552271129
accept-ranges
bytes
content-length
3052
expires
Fri, 05 Jan 2024 01:49:42 GMT
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:16:08 GMT
x-cache-lookup
Cache Hit
x-original-content-length
2246
server
Lego Server
age
0
etag
W/"PSA-aj-MwUb6a4gDP"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
11717394467008304192
accept-ranges
bytes
content-length
1852
expires
Fri, 05 Jan 2024 01:49:42 GMT
ic-findluckynumber.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-findluckynumber.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:41:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:23 GMT
server
Lego Server
age
0
etag
W/"6566d827-9f1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12295884733601804928
accept-ranges
bytes
content-length
1107
expires
Fri, 29 Dec 2023 08:41:50 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968597/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968597/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e3d9f2490370d0efc65f52ab490598f97f008d4b63d8c887e0bde1be24aa3d6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:41:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
18166326593121322734
accept-ranges
bytes
content-length
26736
expires
Fri, 19 Jan 2024 07:41:20 GMT
1489944661112333
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.138&r=stable&domain=www.sanook.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2babcf71e41ee65d1ff30a901411c192d1e6778bf832eacc79dd052ac02d9167
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Dec 2023 07:50:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
p8L+Y6l/Z2Vu6sOXjD7nz4BZ5+ICKcdXKEUtzkxCh6kR2wqI4oini1WR0ElyYl6P3A2AB2CBtzSHaHaOX5urVQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
cdn.ocmtag.com/tag/ 		191 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3638
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 27 Apr 2023 11:52:10 GMT
server
cloudflare
etag
W/"644a61ea-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O01aLLhUHcdwcagAVbGpE0TG6nd%2FGJheuMMeS4ZggihF4v%2B%2F08oMNlhBrB2mOUWsitvCdgPQNBMEhN4tsCEdC63xQttAmU%2FVWTgAwMi%2BASqMWQ3D02VRucsyNa0R7VizRwOAiby67h2X6tVMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83864b310fcc22b6-CDG
/
beacon.taboola.com/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230053-FRA
date
Wed, 20 Dec 2023 07:50:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703058619.072739,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:56:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 08 Dec 2023 08:45:05 GMT
server
Lego Server
age
46154
etag
W/"6572d791-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
16938472155891817621
accept-ranges
bytes
content-length
4394
expires
Tue, 09 Jan 2024 14:56:18 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 04:47:18 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 08 Dec 2023 08:44:42 GMT
server
Lego Server
age
100847
etag
"6572d77a-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
8101288393268727790
accept-ranges
bytes
content-length
51420
expires
Wed, 10 Jan 2024 04:47:18 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 06:32:15 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:21 GMT
server
Lego Server
age
71753
etag
"656405cd-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14144875223894268270
accept-ranges
bytes
content-length
31376
expires
Thu, 28 Dec 2023 06:32:15 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 01:31:03 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:27 GMT
server
Lego Server
age
0
etag
"6565dcaf-cf40"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
18059367274900287041
accept-ranges
bytes
content-length
53056
expires
Fri, 29 Dec 2023 01:31:03 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:48:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 23 Nov 2023 06:09:03 GMT
server
Lego Server
age
0
etag
W/"655eec7f-c930"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
237117749873399411
accept-ranges
bytes
content-length
51542
expires
Sat, 23 Dec 2023 11:48:41 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 19:46:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 27 Nov 2023 02:58:21 GMT
server
Lego Server
age
26150
etag
W/"656405cd-7df4"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1834970139262677607
accept-ranges
bytes
content-length
32272
expires
Wed, 27 Dec 2023 19:46:27 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d50995123063f4a744935b06b9b5e7a0b4c4abc9f7e9f79e324a7f4f7f30933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86900
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 07:50:19 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1703058619031&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&auid=1368951224.1703058619&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c9a6aee0a88b459c2c350401d70e6153c928dd82f122c936376cf56dcc155231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1691
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1703058619035&cv=11&fst=1703058619035&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1368951224.1703058619&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0f1818639a6eec8e350d3a5920b34d20d2b1a7a78d357b2c5daec07cf0f4d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 07:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
125
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Dec 2023 09:48:14 GMT
activity
t.ocmhood.com/v2/ 		0
429 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmZxPQZ4N07K0rAc6sCuMXT9f7RSnUNetq0sLla6eRhdKiYJ7wX83Cnv27mHQxLVjfVmfcR8gB3cX08iGISTzch0B6LU7WazPzfLNRCW1t8wBBYXbAmr165b7KdrpXSLMheQ3%2BQMPgi0Q0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
83864b33cf0865c6-FRA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO8Ee4lB5BIa6WZ7kDZGgaovFd%2FoG61tbj%2BzhH7BJ2uDgCL3nF%2FoE1noVJf0YhM%2Fh9jvRvryBY9BE4sMAozh8Y2jopFvYiZfEkCm2%2BFI4YZUn%2FgrEG8niq99MkEJtEUWvMFS5kS3y4bGiKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
83864b33cf0b65c6-FRA
alt-svc
h3=":443"; ma=86400
/
beacon.taboola.com/ 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230053-FRA
date
Wed, 20 Dec 2023 07:50:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703058619.331881,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3bt0v888883767z877572129&_p=1703058618519&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=177490872.1703058619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1703058619&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1703058619028.rc6l287n&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0&tfd=3003
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=177490872.1703058619&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=177490872.1703058619&gtm=45je3bt0v888883767z877572129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1655670951
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1703058619160&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703058619160.2121220908&ler=empty&it=1703058618941&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Dec 2023 07:50:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968597/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968597/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e3d9f2490370d0efc65f52ab490598f97f008d4b63d8c887e0bde1be24aa3d6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:41:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6260041476615449525
accept-ranges
bytes
content-length
26736
expires
Fri, 19 Jan 2024 07:41:20 GMT
jj(1).jpg
s.isanook.com/fi/0/fp/388/1941605/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/388/1941605/jj(1).jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
50ead8ea1ce009d64e0c5bfff85a20145861f002264a9353cc5ceb3d379e41fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 12:57:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6117663717573224682
accept-ranges
bytes
content-length
10356
expires
Thu, 18 Jan 2024 12:57:22 GMT
tammy.jpg
s.isanook.com/fi/0/fp/393/1968561/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968561/tammy.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
53063b6a9d9d95002adaa6167563f8851385774ebf2ba793ca2469320e3c000f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:10:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
3607330573766309074
accept-ranges
bytes
content-length
9009
expires
Fri, 19 Jan 2024 05:10:59 GMT
p_sport-2023-12-20t111507.8.jpg
s.isanook.com/fi/0/fp/393/1968589/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968589/p_sport-2023-12-20t111507.8.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
13e422899dca02f769891a2c3d64bf4f4d301f7e52cc339d5f6fdbe066d17e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:28:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
176
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4049235223076051544
accept-ranges
bytes
content-length
11934
expires
Fri, 19 Jan 2024 05:28:15 GMT
ntbc.jpg
s.isanook.com/fi/0/fp/393/1968549/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968549/ntbc.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a4363bbb20011c20023fbbe2104b220da4d059493b4bf7ce5b45beda053896cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:10:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
5288748897501095493
accept-ranges
bytes
content-length
8658
expires
Fri, 19 Jan 2024 05:10:59 GMT
page.jpg
s.isanook.com/fi/0/fp/393/1968585/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968585/page.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e4e7f3df7400e43beea38551923b937272d4fb948f49028be72d2d1a84bc56a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:10:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
48
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15548581042240693983
accept-ranges
bytes
content-length
4744
expires
Fri, 19 Jan 2024 05:10:10 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968337/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968337/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8ab3839a039554c34cf56516076ed6ad88d939ded7cb3ba620e0a7beaf301b9d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:08:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
126
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
4416792435932364296
accept-ranges
bytes
content-length
6606
expires
Fri, 19 Jan 2024 05:08:52 GMT
sa(1).jpg
s.isanook.com/fi/0/fp/393/1968557/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968557/sa(1).jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b1e736111173a1817b31f7f1329e9db9b3053c35c702bdbe821f10237eb87d51
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:41:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
10609441704652393427
accept-ranges
bytes
content-length
4909
expires
Fri, 19 Jan 2024 07:41:21 GMT
h8.jpg
s.isanook.com/fi/0/fp/393/1967833/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1967833/h8.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3207f1c85df46208d16f0493aec0d9743fb9494b217fc4370905a72f9441d5ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:08:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
127
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
18183048402198062595
accept-ranges
bytes
content-length
3275
expires
Fri, 19 Jan 2024 05:08:52 GMT
1.jpg
s.isanook.com/fi/0/fp/393/1968525/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968525/1.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d1247d96307e72425b2cc053be1316cc0cc7ca2d5a0abcbbd2108254ad3c9edf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 06:38:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
747
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
6540922869383930771
accept-ranges
bytes
content-length
3941
expires
Fri, 19 Jan 2024 06:38:36 GMT
gamer_1200x720.jpg
s.isanook.com/fi/0/fp/357/1789513/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/357/1789513/gamer_1200x720.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 01:08:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
11867573835639096640
accept-ranges
bytes
content-length
5066
expires
Sun, 31 Dec 2023 01:08:49 GMT
sanook_thumbnail_1200x720(45.jpg
s.isanook.com/fi/0/fp/393/1968389/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968389/sanook_thumbnail_1200x720(45.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
fb341be84f1940a0c05ddb4be2e29409183cd3a0dff27db681c787b1c247c8b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:08:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
38
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15111464030482616992
accept-ranges
bytes
content-length
4361
expires
Fri, 19 Jan 2024 01:08:40 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968401/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968401/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
dd7b3b2db863abe2ccb2bae3f5e3e8df5d551f09460e8cc0ba40e2a0b5053c75
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:12:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
14032897420304866458
accept-ranges
bytes
content-length
4995
expires
Fri, 19 Jan 2024 01:12:50 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:38:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
age
85748
etag
"591c0bd4-219"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7948637085375380535
accept-ranges
bytes
content-length
363
expires
Thu, 28 Dec 2023 07:38:02 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&d...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1368951224.1703058619&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVlBaUQwSi1YUjNKQjB5LVFHeldsM2JvTHN0ZW8zNnAyaHliTDdsbHZRVXE0YmlJTzI0U2caWkNoRUlnSnVGckFZUXpLRGJzNVdJeWZLdkFSSXVBUHBDa1M4OXNPSVY2TGNFMGRzcFc5Q3N5M1pld0RVQXRCQVRSRTJaQUt2OG04M3l5NUgwTW42WmhGbDNNQSITCJ_wmuDDnYMDFQtIHgId5uoDmA&is_vtc=1&ocp_id=u5yCZd-mCYuQ-cAP5tWPwAk&cid=CAQSKQAvHhf_zkq7ewDwjFrOhXPMG6oYNF7wo4h7loM2lB-kR_6UmatB7bYr&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGe68shFtW3u284_6YV_dFua_BrvHK15Rug&random=208336689&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=941209991&cv=11&fst=1703058619031&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1368951224.1703058619&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVlBaUQwSi1YUjNKQjB5LVFHeldsM2JvTHN0ZW8zNnAyaHliTDdsbHZRVXE0YmlJTzI0U2caWkNoRUlnSnVGckFZUXpLRGJzNVdJeWZLdkFSSXVBUHBDa1M4OXNPSVY2TGNFMGRzcFc5Q3N5M1pld0RVQXRCQVRSRTJaQUt2OG04M3l5NUgwTW42WmhGbDNNQSITCJ_wmuDDnYMDFQtIHgId5uoDmA&is_vtc=1&ocp_id=u5yCZd-mCYuQ-cAP5tWPwAk&cid=CAQSKQAvHhf_zkq7ewDwjFrOhXPMG6oYNF7wo4h7loM2lB-kR_6UmatB7bYr&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGe68shFtW3u284_6YV_dFua_BrvHK15Rug&random=208336689&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1703058619035&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vCKHEDKi9xe_B90C4y-XhsHEgwcz6Q&random=3713406494&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1703058619035&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77572129&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vCKHEDKi9xe_B90C4y-XhsHEgwcz6Q&random=3713406494&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1817974858&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=652407034&gjid=581693648&cid=177490872.1703058619&tid=UA-8147095-6&_gid=959330799.1703058619&_r=1&_slc=1&gtm=45He3bt0n81PNXLXRSv77572129&cd4=0&cd12=1703058619037.aoui8d49&cd22=firstpage&cd23=indexpage&cd43=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=125963455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=177490872.1703058619&jid=652407034&gjid=581693648&_gid=959330799.1703058619&_u=YADAAEAAAAAAACAEK~&z=1464362405
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a36143c24ad3241a6408ace8e7dac759b64a3ff46a9ab8232aa6f38f9e89636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84548
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 07:50:19 GMT
base-icon-v1.0.50.woff2
s.isanook.com/sr/0/fonts/icon/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.50.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 29 Nov 2023 06:20:14 GMT
server
Lego Server
age
0
etag
W/"6566d81e-b12c"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1927966031614902881
accept-ranges
bytes
content-length
45389
expires
Fri, 29 Dec 2023 06:46:01 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=177490872.1703058619&jid=652407034&_u=YADAAEAAAAAAACAEK~&z=1757617465
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=177490872.1703058619&jid=652407034&_u=YADAAEAAAAAAACAEK~&z=1757617465
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3bt0v9134475311&_p=1703058618519&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=177490872.1703058619&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1703058619&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1703058619037.aoui8d49&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0&tfd=3481
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=177490872.1703058619&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=177490872.1703058619&gtm=45je3bt0v9134475311&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1974849748
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame C191 		236 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-8a207e855bdf22ab3198.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
186
content-type
text/html
date
Wed, 20 Dec 2023 07:50:10 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid
8607952317215179189
x-page-speed
1.13.35.2-0
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968593%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968565%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968545%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968517%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1941605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968561%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968549%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967833%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968389%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968401%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
56.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 20 Dec 2023 07:50:20 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968593%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968565%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968545%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968517%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1941605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968561%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968549%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967833%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968389%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968401%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
56.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Wed, 20 Dec 2023 07:50:20 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
publishertag.js
static.criteo.net/js/ld/ 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-8a207e855bdf22ab3198.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:50:19 GMT
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:17:23 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 28 Nov 2023 12:27:37 GMT
server
Lego Server
age
0
etag
"6565dcb9-428b"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
76566810264664046
accept-ranges
bytes
content-length
17035
sanook_trend
sloth-api.sanook.com/api/ 		763 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=473071
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.46 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-46.static.asianet.co.th
Software
nginx / Express
Resource Hash
94ef9ea225fbbc06f4a4f3ec520721adc948170236ddb9c31f4c137571c2865d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Response-Time
0.681ms
Date
Wed, 20 Dec 2023 07:50:20 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"2fb-T/F8JUIn3gsvI5zUvNZ5HtbKx4k"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
763
Expires
Fri, 19 Jan 2024 07:50:20 GMT
e_1.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/e_1.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1af5312a150b7851c9ed2bed717f00b92549ce0ac595fb50773ec89539c5c2f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:03:05 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 18 Dec 2023 03:07:41 GMT
server
Lego Server
age
0
etag
"657fb77d-459"
content-type
image/png
x-nws-log-uuid
12292801735500753566
accept-ranges
bytes
content-length
1113
e_2.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/e_2.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b42b239e61cc28fd9d4926a927a5c1204bcd4972e8807f89c94c9caff7b9101b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:01:25 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"657fb77d-1482"
content-type
image/png
x-nws-log-uuid
10407851234190213282
accept-ranges
bytes
content-length
5250
expires
Mon, 18 Dec 2023 04:06:25 GMT
e_3.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/e_3.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
db79889f24e1ad1bfbb2d036d90c6bd4d17e86e88ac1a793247e28499b2d6ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:03:05 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 18 Dec 2023 03:07:41 GMT
server
Lego Server
age
0
etag
"657fb77d-c09"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
7391014185966252403
accept-ranges
bytes
content-length
3081
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968593%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968565%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968545%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968517%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1941605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968561%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968549%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967833%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968389%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968401%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-8a207e855bdf22ab3198.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
56.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
fcfce8c1786e5b1aa81cc8f77d993172d4c4a99a3d0ca2c5234ff10658c1ce01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 20 Dec 2023 07:50:21 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"19d7-Izni7LZ4RHbHQHqMQn6IGQdhRts"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968597%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968593%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968565%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968545%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968517%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1941605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968561%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968549%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968557%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1967833%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968525%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1789513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968389%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1968401%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-8a207e855bdf22ab3198.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
56.130.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
84c2a85f42b82e94725a0f9c7b9536905f9b5e8bb103d52c08fd6e1373831eb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 20 Dec 2023 07:50:21 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
ETag
W/"1749-/0Jtp/j71pj14b9Ikz5YA1pZGXg"
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
syncframe
gum.criteo.com/ Frame 7EFB 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:19 GMT
server
Kestrel
server-processing-duration-in-ticks
383792
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
slice_2.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/slice_2.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
92ed6bccd233674d98f513f8294070d3348a080adba4db8572a995e686cb8692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:01:21 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"657fb77d-b0b2"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
17243503610340762414
accept-ranges
bytes
content-length
45234
expires
Mon, 18 Dec 2023 04:06:21 GMT
button_close.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/button_close.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9aab030521296163f799c5489a3827c4d54c218ef4b96b376574dda76a8089c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:03:05 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 18 Dec 2023 03:07:41 GMT
server
Lego Server
age
0
etag
"657fb77d-5de"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
16780875172290538519
accept-ranges
bytes
content-length
1502
slice_1.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/slice_1.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8947d2159e25be7db4efacbdb0b42d39170c6934cb5b59bbcad67d6531d9c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:03:05 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 18 Dec 2023 03:07:41 GMT
server
Lego Server
age
0
etag
"657fb77d-8214"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
17774681162274932641
accept-ranges
bytes
content-length
33300
button.png
s.isanook.com/sr/0/images/events/2023/sudjad/desktop/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/sudjad/desktop/button.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b01b431a4fa2559f97121c5e811606e82505bf2f5bf226636b10899a6c7d0305

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:01:22 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"657fb77d-bf9"
content-type
image/png
x-nws-log-uuid
15288918940957580656
accept-ranges
bytes
content-length
3065
expires
Mon, 18 Dec 2023 04:06:22 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 19 Jan 2024 07:50:21 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 07:17:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=52030
accept-ranges
bytes
content-length
252083
expires
Wed, 20 Dec 2023 22:17:29 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.20.2
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=945654
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Sun, 31 Dec 2023 06:31:13 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-31.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:41:21 GMT
content-encoding
gzip
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
7739
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
OipB-fArkbu96vo3NZd9MiLYqeWjugMZbXDzhNsVZzL3ItJK7sX4Tg==
goggen.php
lvs2.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=/Vhy1yACZ11VEPpmneCGdw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=E9EEA7AA.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
sid
mug.criteo.com/ Frame 7EFB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=EznRq3xvTnNpYy94NGo2VVlJYVRkOVFIbmpxRmg0TDZlS2QyMlBhalVBa2k2cDdxd1gzdVk4REt2dE1rWVRqQXpWUnF2TTVKMytUSy9RR0RiaHlqbFArcUUrOG0zOSsyZnZNM0pSNFc0aUhlb1lub3IxRWl1bHlHWDFUbE...
430 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EznRq3xvTnNpYy94NGo2VVlJYVRkOVFIbmpxRmg0TDZlS2QyMlBhalVBa2k2cDdxd1gzdVk4REt2dE1rWVRqQXpWUnF2TTVKMytUSy9RR0RiaHlqbFArcUUrOG0zOSsyZnZNM0pSNFc0aUhlb1lub3IxRWl1bHlHWDFUbEJnUzU3cFBTcC9lTGZaMlFFeGl2L3B3UHhEREhKT2JlTmVsVDV3cnYyTnNVUTVJcXdJOGlRUG50a2ZvaExqbEVLcmQ5bi9UdXRIdWlLVC8yYmJhY1pkWVZXak1FSzVzaU85ejhWcVFDemNOTW1jdTBDTzZSUFRFZGF6cXQ0M3Z4T1JGdUpPOE9UdW15VFhGaFNaZG8ycldQU2VwaGZldz09fA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37e6c1b718f34460b662d4897568bc7864b0f716c7cc76bfe137247d912e8f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1550561
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EznRq3xvTnNpYy94NGo2VVlJYVRkOVFIbmpxRmg0TDZlS2QyMlBhalVBa2k2cDdxd1gzdVk4REt2dE1rWVRqQXpWUnF2TTVKMytUSy9RR0RiaHlqbFArcUUrOG0zOSsyZnZNM0pSNFc0aUhlb1lub3IxRWl1bHlHWDFUbEJnUzU3cFBTcC9lTGZaMlFFeGl2L3B3UHhEREhKT2JlTmVsVDV3cnYyTnNVUTVJcXdJOGlRUG50a2ZvaExqbEVLcmQ5bi9UdXRIdWlLVC8yYmJhY1pkWVZXak1FSzVzaU85ejhWcVFDemNOTW1jdTBDTzZSUFRFZGF6cXQ0M3Z4T1JGdUpPOE9UdW15VFhGaFNaZG8ycldQU2VwaGZldz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
306825
content-length
0
expires
0
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=513734
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Tue, 26 Dec 2023 06:32:33 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.2
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2395853
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Wed, 17 Jan 2024 01:21:12 GMT
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 		506 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dcf1a54a6538fd9c42fa504bd7608af25f6cace6f801a65c506b599a557559ed

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 07:23:09 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=5293
access-control-allow-credentials
true
accept-ranges
bytes
content-length
224
expires
Wed, 20 Dec 2023 09:18:32 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 07:50:19 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
www.googletagservices.com/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f57f24935c797b2197b123122ac229abc2bcb446ec3960765bcbd2c02e687b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29557
x-xss-protection
0
server
cafe
etag
731 / 19711 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:19 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703058619835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-31.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:19 GMT
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
8hUCzNGy8V6uOqAsqxE010QLigGy1mNtji45wtkRXolwE10hBXq-aA==
x-cache
Miss from cloudfront
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
b403df12963df5ae06f1d55491e0713c094cdc53bf5518b7527aaf5cf51e25ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 07:50:20 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
84661
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:19:18 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=90430637518
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=43864900834
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=44142817241
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=805
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=570
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
213794966
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f3e2fc1a111e3ffc785a9729d3c360c1d45f9400bba7a29920f3769837559b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mkOTl2lEKEku094JWMgovQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-mkOTl2lEKEku094JWMgovQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame C191 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 10:53:33 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
age
834732
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17055869274433564160
accept-ranges
bytes
content-length
2483
expires
Tue, 19 Dec 2023 10:53:33 GMT
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 14 Dec 2024 07:50:20 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 14 Dec 2024 07:50:20 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=703
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
hb
rtb-eu.andbeyond.media/ 		22 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Wed, 20 Dec 2023 07:50:20 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
22
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 20 Dec 2023 07:50:20 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.39.0&x_source.tid=36f991b0-6841-487f-9d14-442ae444d0be&l_pb_bid_id=1207f0134b9ce2f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.08742671844835082
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eacdfd7be587bedc9b4388ca9780b8b8dc713d666d370bc0999bbca1895a9151

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=861
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ 		73 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36f991b0-6841-487f-9d14-442ae444d0be&nocache=1703058620127&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1f0830adc526d413b6f8c3cff6c2fc0ed15c28f48fbd5913023bda5b4bc165df

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8d6d6e3aaf9c286d3dd42f481878f43393ec8a26b2698f4eb221ade3d12ef73a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
an-x-request-uuid
22aa12dc-e208-46eb-a157-467815917245
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b18d283554f1aff7785b2cf1341ac8c4e92079d44319561a6427057321b5e6

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpLbMpG0H00gkBS0KJkXkMiKhgybRWC3VGPjf5i4ZjiejQKzZCRHVlkt1iZvg4CdXBXF10WinegtaUrE%2BptKIFbkBbHDRNcBEL91GB4%2BwIPTIr2%2B0oQdYZgronKQtaTHQsG5lLLY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83864b37fdc11e5c-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=336
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 20 Dec 2023 07:50:20 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F95C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105499
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 21 Dec 2023 13:08:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 397E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105499
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 21 Dec 2023 13:08:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1AF8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105499
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 21 Dec 2023 13:08:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AGSKWxU_cDLWW3Yd9bNmxiw3GqsKJOf3Td5VWZJMxRpEeXfpFy-U4JIQBF21Birg4RfFSTbU8noGDhkp06gbqGHjh-MaVCDfC2AgH8oh89D9wGTDS0MeevZieBn4IxuSnopxqtumYbhHKQ==
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_cDLWW3Yd9bNmxiw3GqsKJOf3Td5VWZJMxRpEeXfpFy-U4JIQBF21Birg4RfFSTbU8noGDhkp06gbqGHjh-MaVCDfC2AgH8oh89D9wGTDS0MeevZieBn4IxuSnopxqtumYbhHKQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDU4NjIwLDIwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a3aa7096eb4fe5cd23a36f16814bcfcd7c684a78074d2da263bef7ee712963
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pdjaezX0ChVHRyDr2Ar71g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pdjaezX0ChVHRyDr2Ar71g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:50:20 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
12855
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
BBjbFSE4Lo0-kgtH7SDLI8jElq22Xh_9CC1ByIoAlrj1FvBosVs8ug==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:6600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 20 Dec 2023 06:19:35 GMT
Via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
5446
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
7CP54Wzrg9i0hD9wJtbo_RWQFyxxFhABrRfiu0FrJUQ91_gl2IInnA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 23:30:13 GMT
content-encoding
gzip
age
548407
x-guploader-uploadid
ABPtcPpPE0vjHLKkcxVClS2DI0WddWarTtH4PXBLpfLZCdHoTRe5ZF8OJcHVEwRa3mtthjLTXg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 12 Dec 2024 23:30:13 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
FANESDDW9B9E9DSA
age
2672
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83864b38acb81e4e-FRA
x-amz-id-2
3/X8tH8E5rO8cGeSb+lNhU+ULwy45NMG2aWlCk5dk6b5qqPhSq/HFmIcDoU2bo2DgxRunmOxmgUfKwp80TBIyA==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21842
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMn%2FMOK6LsOEzOGLqoilOyxSgteZW%2BemkMGKjJq%2FX4L1a4PQVaAuG16YAoI%2FTJW%2BX8A6NNGCxbZjnKRflRzbt6dc9tWJGoJR8TpeQ26Xut%2Ff7NMDvHoLwMFoZEdj5NzGzbAfvUX5ysfD0AgNcik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83864b38ac455c7a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=857674232040963&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=1&didk=498303881&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703058620224&lmt=1703058620&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=category%3Dall&adks=3448326100&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b39ec875775ede95411adcd3d901789fa99ae7ceb76c5f59e09c38ea3235006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13125
x-xss-protection
0
google-lineitem-id
6411935988
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138454975881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		577 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=2122219717097303&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=2&didk=1874942343&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703058620231&lmt=1703058620&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=category%3Dall&adks=908668280&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65177392856af280f032ec6c9a04dbf090a2ad89caca956cc24bf0e16fca2e1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=3203015344264837&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=3&didk=2096832710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703058620235&lmt=1703058620&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=category%3Dall&adks=345054422&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dafc9980703198efd207bec78d93964a8dadc6aa2481ce5cf72f964e4d20740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12415
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452573066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04FD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 19 Dec 2024 07:50:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		577 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=656996484469341&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=4&didk=3402878631&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703058620261&lmt=1703058620&adxs=0&adys=1811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=category%3Dall&adks=3667654068&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0814fdbb3bc4449c30e5ba38576219e29c50cdf80c0f858e3eb863045bf44f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F95C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88956112&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:18 GMT
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame B9EE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
773
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83864b38ef9c8fd0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Wed, 20 Dec 2023 11:50:20 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 02D6 		199 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 55E4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Dec 2023 07:50:20 GMT
ETag
"623de86a-cf34"
Expires
Thu, 21 Dec 2023 07:50:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
AGSKWxVjRlHk5FQH_9uwPz3Fh-99yPBdd3NP7Tcp_duFnQQ-KdHciQGXuv_aTsgiZFh6pcusKOdPWPyG5rhI6YjUSe_1C3WDlMKR23ds5RFoXzBMO9P4Xd1vfBrftrrvRQbTmxh7l2nyIw==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVjRlHk5FQH_9uwPz3Fh-99yPBdd3NP7Tcp_duFnQQ-KdHciQGXuv_aTsgiZFh6pcusKOdPWPyG5rhI6YjUSe_1C3WDlMKR23ds5RFoXzBMO9P4Xd1vfBrftrrvRQbTmxh7l2nyIw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDU4NjIwLDI4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71e108af5183f2557e792c3688c4eaf13b4c24f82633c396fb4de9c87926250b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2qFQeS9C6QHic-I5zdRSpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-2qFQeS9C6QHic-I5zdRSpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=3076978559756367&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=5&didk=4218483591&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703058620288&lmt=1703058620&adxs=1033&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=category%3Dall&adks=4033539290&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00fc88183f43638dc6d305d3cdcd5ae5d9ba2ae985917f14fbb23d838913b900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10421
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 448F 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Dec 2023 07:50:20 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.253.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c86f3e45e9a499c07faeb462cd04142feb57d7bb52f95fd908c5197057c374a1

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.18.48
access-control-allow-credentials
true
content-length
60
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame AC65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss7vyah_-YZ0SZZ_U7kkNRDVTtlbfNt4mzNP2slA-UiKocBZ2Tyn43C2J8Y8rPgGn2s023JRUMiC3KWA8valQIItjdRGpOWU7LLyJEzQRQjVIDQx1UEhcM_XNXveAsPnv_6tyRvN_gMpGeWpXuVaDQNyyxjV97q8Zy6mcCHJKHrAzgmz0TYVDGvIPi4r7D0gCOgGxCKSSF2NeFzpDETOWShCjzaHv4kdp0fIX6EZQKTPzzmTst80mBTq54GdhBhU-MMiz-nLNmzANK90qAG-Zb1I4UUDv7CFZCpscsBeMG8HHpjRA9_tOGTj7JxjsbdV1Xy55OLaIckmU6qltAhJb346Z6G6PDn9AV8ppWhFWTa2VV4HMr7Fd5zjJVK5Y&sai=AMfl-YS04_wCu08WZ0IEns0RW5XVgb4Un-l8IR93PMoyRFvGgmbVX-3WMIwq101i728c6lVIhQZuGqvTflsnyWjTt_qjWpuH_XeTdQePEyBRq2INY3cddmNVT061icAkMIWOu9_ScPVHcjUnW0051jz03HQ&sig=Cg0ArKJSzGrbs6xtVMntEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AC65 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:20 GMT
usync.js
eus.rubiconproject.com/ Frame 448F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a58069f865739d0b8ced7cc628818c2db43bf28a8aa132cb2b867054c9a50e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 21:40:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49792
Connection
keep-alive
Content-Length
13201
Expires
Wed, 20 Dec 2023 21:40:12 GMT
o_1hfqleghk1r4c1am71h5367i1vrtb.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20231122/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20231122/o_1hfqleghk1r4c1am71h5367i1vrtb.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9d8ff28e956643ad952069a12f38c79cd8bfde6985faad3f81ad6ddded87d8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:39:51 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 22 Nov 2023 04:43:39 GMT
server
Lego Server
age
0
etag
"655d86fb-1df8e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
1512561651067506130
accept-ranges
bytes
content-length
122766
expires
Fri, 29 Dec 2023 06:39:51 GMT
o_1hfqo044t1osi1r1j18b950v1rrjd.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20231122/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20231122/o_1hfqo044t1osi1r1j18b950v1rrjd.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
881d5052428a5885d84fe92df0ed357f7026e44ff2b391ddfe6641b82c0a822d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:45:30 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 22 Nov 2023 05:28:13 GMT
server
Lego Server
age
0
etag
"655d916d-1a0fe"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
10881793952727681570
accept-ranges
bytes
content-length
106750
expires
Thu, 11 Jan 2024 08:45:30 GMT
o_1hfqo044tbcr1uckc5s1un178lc.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20231122/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20231122/o_1hfqo044tbcr1uckc5s1un178lc.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5a6467f0a4c70cf448d6c8e2f83356284d3c1e34ecee935b05681e5e25d3bc09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:39:51 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 22 Nov 2023 05:28:13 GMT
server
Lego Server
age
0
etag
"655d916d-190be"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
3921064527084930467
accept-ranges
bytes
content-length
102590
expires
Fri, 29 Dec 2023 06:39:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D5EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscLueSV_Ci-SAlECwNSKQ73R2jDL2oFcWkFQlWfkkrxR9Q5eFkbhm3qrPDEg2SXnnqQwzdpbffznZYe0V2DcKHSc6cZJ-GNEYBwFgeV57E6qF3rhl3TfYH8w6PHKs0bWS5v7DDcX3ZlLVktVmaLeeqUz8TkW1YRKIWbIuAzbcIw_a_Bz4FiaZ8JoAPSd90J1wnx87NwL61m5S_h3BwFc9tjz8rsLHELKJq6e_CZYWPcOUJcQNl-P5UfVQCh2U6wJgzOvL-O2gL3O73zwxZkuZAFEWpNIFnyUbT6VywwM1BdHIIQzQAlRTpRzZbJxWwBd6EjcF2RnynTiYdAK9Uy6RvOwRG1q5AoMjJSebEKgzulScDlLsq0v_jaCfa&sai=AMfl-YQbVlp7423cyRCvgsfcn8eFRARx7wbiH6qy3uYdeY8SVY3bdV5Q5tHwHsmIu5YUrDZJ00NZWQwCFRIJJkfuJtyQMPekgqJ4dsx3dEIWjmywHJMJ3uFyZGk6ifuNyk-bluqlvovk_gMIr9FAzx_gskk&sig=Cg0ArKJSzIFDF8F4rxHZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D5EA 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44760e9ed01d417af431b989a3d9b3cf95c6141d5bced95ae09d3fa5da3d740d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29441
x-xss-protection
0
server
cafe
etag
355 / 19711 / 31080057 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D5EA 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:20 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4a6814b94c4909b1e575a1f1b2d29ffe0f49125855d4449da3945f5c9d562ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-DgOXIXqtYIYWF1S4mUFja5JDiqw"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 20 Dec 2023 07:50:20 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.sanook.com
location
/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bounce
ib.adnxs.com/ Frame 55E4
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
an-x-request-uuid
59568822-a51e-498d-a061-2a2d62010050
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
an-x-request-uuid
4adfb9c2-01ab-454e-a5a0-c51da2c03af3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BC2E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511eb5c2eac55f624b74b7571e7e351ddafac45b2686db1b690447098e79d888

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83864b399fc01e5c-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSjhWXaGQ%2BADMeooOXORA2kFRrMqFgCYuFN4PSbRLpkkXWGu2W6%2FxoO6H55%2B6kYhNfNqw8LZ2n2hGZ4hJUmSRf2mkeBiL5aurwTrstG8oS3KzIb9AJ3ME2dy%2FOlR0VwloBeZCPsaQikaQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83864b397f941e5c-FRA
content-length
0
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
0
location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdE69nCa7HnsUsi3%2FjWI%2FN5QIRxl1d4kSdMWMuLvWXNgOJaenqdPEtXyIfaB9Iwnwsyf0Ir4eADrTtCE%2FcoIubgOQPgYp91c9vHFaeW21w9Bq1s5mrTLfDdHzDBbrW5tU%2BhPU6xZaJv%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame AC65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQYpZQ7sdSw_T8XWNxXQIEC_8ahahz38GNZHEv_oCkv9iP3yAzXthp3ZmSsTBeZ6pTcxnNz4D1DqVqrvOOgURrrEoMAThxxeIBWUHRLs07tpjyXNE92UAzXO-XvU6S92Zu3o6H22FOEAxBRrTVp1_mT1U1Fn0O9NfwjYSMqNUdXNcie-rn7-MxM0t7qujVmrWKiRBl8hrxW4Y5lvBwZfJzRGQm_IcuLBgY2Oq3rDYv1dBcQE1ruKUhBt1Vq5sDXaVgPHFzZS2qvJbVdQXOjji7a_zqLj3KJOkMip7qA1Yh_TA0fH0SAZMavRBK4d5SW5CygGrNrnCb4juISpe5K7-3tp2x0DG5_vffA2qZlhcI5XzZKqL2MlKsZbbatQWgRw&sai=AMfl-YRG--ZfHxbt3Hrb2vwqxk2WPwtaVUY3eo5a2HztlqbftrZRmkQQ_MqlcW8Vdh5ISudLou9BeN-mTb8REvO414bOn4R9sErtq61Ivahx6KVAk_4TzLmMElGognqq1l3iuWoJ2Q8XFFhGAiFnmhuVwsU&sig=Cg0ArKJSzKQd-Jr5X44VEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Dec 2023 07:50:20 GMT
khaos.json
token.rubiconproject.com/ Frame 448F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
casale
match.adsrvr.org/track/cmf/ Frame BC2E 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame BC2E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CTY2GVNJBAQND82SPXWB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TPPQT35SP4YWZH132HSZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BC2E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYKcvGXeAy9bBapzKW59LwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2GeCZHQnYaVk1k61%2F24hzL%2BMEp3w%2FVf2nuRua2leW095LSMwuW2LKu07LPt1w3yYwe%2BEJn1y9JdVMZNJFeS1Fq9b7GiwjotTcbbTYo9PJQl84b6NiqEU%2B8nf8MCqj4SIhWhR9PYpG1i6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83864b3a6aff2bd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BC2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE39fp4_XVCYVHFbhlIEE2w&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE39fp4_XVCYVHFbhlIEE2w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM2TgJP2u0a0hYwa9oM39gOi5KW8rOrXCT8EUG6i0yLKX5Z4oOi1FT9yf%2Bt9cYn1lxcgxqQEqMKCKNdqjP54X%2F%2B7vRdbIVie7m6H0mCeLjXvb2UPcjLuoTtFHUBmqRab0N7u8L3McAVWdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83864b3a6b012bd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE39fp4_XVCYVHFbhlIEE2w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame BC2E
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3e0fdf1d-fd6f-4f9d-3f485a6c
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3e0fdf1d-fd6f-4f9d-3f485a6c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnoQWHMl14PeEFFECnS5c3W3kzXmGPJRhim%2F1L8vxlDGfnILkJDH09qaKp2tIiHivob5g52T4b3oL3wlD7OMXqkLnpDz4ZUpJBnXb5lJ26K45u2eNpia%2Bx1SJGF33niwbz5Bn%2Bpo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83864b3ad9391e5c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Dec 2023 07:50:20 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3e0fdf1d-fd6f-4f9d-3f485a6c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ix
ad4m.at/ad/sim/ Frame BC2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
501709.gif
idsync.rlcdn.com/ Frame BC2E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYKcvGXeAy9bBapzKW59LwAA%265240&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYKcvGXeAy9bBapzKW59LwAA%265240&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=65abd51b1bd04494ba3627fc6af8682c
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=65abd51b-1bd0-4494-ba36-27fc6af8682c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db56389da-8c74-4b6b-95ea-33bb0d7...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529426099730&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db56389da-8c74-4b6b-95...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&_=1703058621.9820776
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&_=1703058621.9820776
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Wed, 20 Dec 2023 07:50:22 GMT
via
1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
VIE50-P1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&_=1703058621.9820776
content-length
447
x-amz-cf-id
2uHmMLpIKh-Inn_sr2GJatcdgwth7CBGb90gJAgy9AY0-QtAjMu-1Q==
ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BC2E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYKcvGXeAy9bBapzKW59LwAAFHgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7018:7dc3:a4e8:e820 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame BC2E 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYKcvGXeAy9bBapzKW59LwAA%265240
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
15293
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83864b39d8598fd0-FRA
content-length
43
expires
Thu, 21 Dec 2023 07:50:20 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ Frame D5EA 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 22:47:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
32593
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Dec 2024 22:47:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D5EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF-IPsAj1Q675nj2PeFVnBfcBr2uSxtCwwCWeTmSBdXepYN6Pv9S-TSlYipkPnZdD_JRqcD7l-ToTlR7402IEvvAikDo6cxxQhJEtrxmcU2kMgawuNmJksTQjFsCaI_twerJ2O-9OOkt5F3q0zhVup4lCWWgFkaQoLM_XieKTESHG0pQvmtd_BM7bMcB3kkONWB4J-Ink4GR9HP3IPIjRYdCeWM3hcxyvp7RuJ1k4-yJSRPNo9GC7Mr6MwufPCgZT7H1xECZ0zILTlvQfgTpVTfmt6v5tDN3wkP42LheGYIpKJAGzJAyRIhkSuTaC_1YRE0pVPSuaEfxse3SCvZL0jfCLzMbN4C1quRDbRlSy_kiS-t8GslRr2vpNc0PI&sai=AMfl-YQa0gBExU1cligB1rRMNM3PrYNT3_EW7EQv6cxZ2tajUyol9wT0hFvV5FwRihjUFiJVszg5j7cguPl-yxeZKwrkjZENMe3StEuLRcSHAmS4OcE06_yrKeKZi5BOqr-yQZvZX6IpPcTsv4tjrw34JCg&sig=Cg0ArKJSzIaSz4_vVwLKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Dec 2023 07:50:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame D5EA 		946 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2879795536920383&correlator=688971624337564&eid=31079956%2C31080078%2C31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D624b013c0c9d173a%3AT%3D1703058620%3ART%3D1703058620%3AS%3DALNI_Macje2cWtKHf1B0AiKJKrKZ5NBvgg&gpic=UID%3D00000d23e611d098%3AT%3D1703058620%3ART%3D1703058620%3AS%3DALNI_MY2_0sPskvaZJI8BCcHYTUr6zYL3g&abxe=1&dt=1703058620587&lmt=1703058620&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=bdack6fn964i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=177490872.1703058619&ga_sid=1703058621&ga_hid=588965258&ga_fc=true&dlt=1703058620344&idt=182&adks=178697795&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108b42dd2e142e268fdca69ffb1be33cee1c57b3a9d6f5a5700dde21ab6aba59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98409
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D5EA 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aa6eea82bcba15142ef1b92cc7dfe31d60b222c1d989bae19400130db61b3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12377
x-xss-protection
0
container.html
db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F0B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 19 Dec 2024 07:50:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 868F 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 20 Dec 2023 07:50:20 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame A0A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthLhSeikwU9RFNZ2Zw5gUzKRIdM-Dx_XJi5ENujOX69SuLo4D9rdiUhlodJ0V-_7frTjI_GbpzNyjQX2vweP3MLIg0ZUVigxw-Zg-iTP_BrHZzq5GhTsvCvSATiEoX3hJAuhHo-4DAZuXvbWM3ehTqAT9_04ABoulfMUjytGcnwCqpKBcoXm2ZYHWK49F6MKItC18v-YqKxBfht2nxXyBQEmGzOlOkk4LrnD0ED25Z7WahREyZw1MVsnpaFHowUK8nKZ8t8DBRd0_hKHyi2wJeccHRQI6QIrr-Afu6KQcNl6l9VPEVbhvPG9RJMFCRbmrhWTEu15oC3Mr_9KNfeM9rnJBpXpFf&sai=AMfl-YQyCotTqxd-mCLSwcbz11Ct2eWxHhYYzGYfsgJPuKwN6AcJF5_IbQMlm58-hjWqikDEq_OC3ePnRp9Eyd3H9fQ7okm4xDqeTB5WhHqflQEFkJaua0Uo8oP_lWLp7g&sig=Cg0ArKJSzJgTa2cEEJ22EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
rtbdemand.apiip.net/api/ 		169 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4668eca6b5fb46926e95c85f6085b09366fe90bcf5e777ae022ec2685543bc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"a9-tE4kw9BW3pLQgUlGpBfAaEHZSUA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
83864b3bf809b3a3-MUC
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:41:39 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
522
etag
W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dftMNr9CFUGSGmFBrrSbRRHJ6waD4dPAUgtivwMsMIHKzp-bJbI42Q==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
1823
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A0A8 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D5EA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 07:50:21 GMT
async_usersync
ib.adnxs.com/ Frame 55E4 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
an-x-request-uuid
9f14d971-1764-4e0b-8f5f-f46b19b0a3ac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.527904863353852
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FctftiYPjPD3W7zR-uAk5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FctftiYPjPD3W7zR-uAk5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.636365001889274
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ans-ZGkznv_ELb3-XePM6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ans-ZGkznv_ELb3-XePM6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC08 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 19 Dec 2024 07:50:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
avd.innity.com/dc/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=cebab5098f437480bc1cd9471d29bf04&cb=1703058621768&douid=&sess=241242896.225.1703058621767&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:22 GMT
Last-Modified
Wed, 20 Dec 2023 07:50:22 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=cebab5098f437480bc1cd9471d29bf04&type=cookie&itmcb=1703058621768
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:22 GMT
Last-Modified
Wed, 20 Dec 2023 07:50:22 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968553/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968553/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f142eea6a2603d113030e23e07cfe140c533556b53118db5114182d4f1537e0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:59:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
285
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15660738979401361577
accept-ranges
bytes
content-length
13344
expires
Fri, 19 Jan 2024 03:59:52 GMT
tagline-template-update-april_1.jpg
s.isanook.com/fi/0/fp/393/1968541/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968541/tagline-template-update-april_1.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
eaf9f07c34bff73d9c54dd264f724891212791661d59d6bf695ca8085d6cd9b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:44:46 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
9110260387820776769
accept-ranges
bytes
content-length
9547
expires
Fri, 19 Jan 2024 07:44:46 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968533/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968533/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
76e4852c851555c6b586f347e44f9fb29182fa33832191eb133e5f1ca03fd521
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 00:56:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
8993232584748952859
accept-ranges
bytes
content-length
12765
expires
Fri, 19 Jan 2024 00:56:20 GMT
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968537/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968537/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ad75c1e58779d85bb140d16e1375e9b7d3f1dde53b194bf8313bb7a44ebc0d26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:56:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
2410673597183600087
accept-ranges
bytes
content-length
9587
expires
Fri, 19 Jan 2024 03:56:44 GMT
15.jpg
s.isanook.com/fi/0/fp/393/1968673/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968673/15.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
52ded13dcfc77995e73e1e13f80f2a7c05a9cd67e053116fa085af8631410547
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:38:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
368
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
13614191788570241386
accept-ranges
bytes
content-length
6686
expires
Fri, 19 Jan 2024 07:38:38 GMT
nicha.jpg
s.isanook.com/fi/0/fp/393/1968669/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968669/nicha.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1ea85b9dc03f0214ce8e74e92e57f0019f9e5e2c08c7ea51e154d87c347c0453
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:05:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
15571002995897188528
accept-ranges
bytes
content-length
6031
expires
Fri, 19 Jan 2024 07:05:47 GMT
4.jpg
s.isanook.com/fi/0/fp/393/1968637/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968637/4.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
79e1fba37bade20df475f489bd8599c09a2e6a43d36b1e9989a961283056088b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 06:49:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
292
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
17245826006225424464
accept-ranges
bytes
content-length
7935
expires
Fri, 19 Jan 2024 06:49:05 GMT
page.jpg
s.isanook.com/fi/0/fp/393/1968577/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968577/page.jpg?ip/crop/w268h151/q80/jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bd9cc06630c7efc0bd58d1ededb887b352e8c7908f5d3f45414e38e9dc997967
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:51:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
5822195439080993908
accept-ranges
bytes
content-length
13573
expires
Fri, 19 Jan 2024 04:51:41 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=1646506761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=959330799.1703058619&_u=AAAAAEABC~&cid=177490872.1703058619&tid=DC-8147095-6&z=1712149249
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.45 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-45.static.asianet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Dec 2023 07:50:22 GMT
X-Powered-By
ARR/3.0
Content-Length
0
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=1646506761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1949871162.1703058622&tid=SA-8147095-6&cd4=0&cd8=b&z=1532482693
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:21 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXVlhDld-RH_-gDtqWS18WjzKpgWjO8F1wcH9VZvihYH85JVxe2SOjcP9wYr1aW953WgBsh_cEcoAkTHbHeKvkw4GNhn9tS5ixKTS4YXGlzlubFkPDgN-dGO45qZ4vlHSu0v8G9JZUj1SK0gVBbXXmzzetBpa3BJ6M3NQH38VTw88ru00XJNCKnyqMhJ87Plaa9cOTRlygTV8oDxjxV6w0D8VXfK0dHKRgsb9Uw3db1r5AxpIIiL4ONg5-ryqYEyewm5YpC4diMEazCOq7F44vTkTlBN_6bxL6jRkBcJJ8f3sTzmZKX-VjfbPtEPnB_CyMx0hRKuC0GTvfVO8kOWQJa_44VladaaU&sai=AMfl-YR67lek4uUQknXsQATLIv1KvwuJ--9gErMuS7Ln0tmHUtFJrYEWrF2rSrlyqLVfqR2VtoV9l1up2k9pHLU7SbiHHrikj86n53s503RU-vp_qYAbHymeT8XfTvrtFw&sig=Cg0ArKJSzCtd1r_RbOePEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Dec 2023 07:50:21 GMT
AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E4ZqOUUGiDllWN9eWohaOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E4ZqOUUGiDllWN9eWohaOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		564 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:42:42 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
459
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
k-qbJTLBYYxyoXYTPB3mz2II6-ociJvzU8xFddwg86hlHqMhGdY1CA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:53:48 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
10593
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
x9d1KTs2reEOCwo0s-9RR-3aVBAHeZx82FKt2g9vjmv1SMSPTMi5iQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 01:52:56 GMT
x-amz-cf-pop
FRA56-P6
age
21446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
J-_1KhSmvVGvGILlVsgNJjRmZaq837mtzRO-ZTziaX6raMASW-99kg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5890 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEIuDGhiq46n8ATAB&v=APEucNUPC0VQRmUX4UhYfdTcuMCgXu1bEY0nd0VR1Q8hC6FT2PmyJTTps2UilBo-RhKHJz0lIUri7C1uy-_Ui-9O3sjJywAZ6w
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FC08 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC08 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ah8weg-B_VGpJyq3BE4-H0jUwO2lJDax9xWXWe_R_7Ez395EhS19Dc1iWSamJ8xsVOWROw4Voa-9nNGksuu6kVUlx7N9aeL6Fh6FdCWNBMOuKmuZA
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
65493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 13:38:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC08 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame FC08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxMiZeW_9Y54brrvsj8ruSPoXa82eWtsNMnSPZGnqv-Wp0EpoXAi5EwoWOpN4Q-OjnQn6J
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FC08 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:21 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-10-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 20 Dec 2023 08:05:21 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:52:33 GMT
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
22168
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
cDuvPj-x-uMTItSGSmnnFdxNxisYfXSvjtiJE8F-Ab6ZRXEq9ez00Q==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CC8G5F16RM7B26
age
853
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83864b42b8f09201-FRA
x-amz-id-2
HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
AP83Z9WF86487CE4
age
3059
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83864b4289301e4e-FRA
x-amz-id-2
Kf/JkumjpxQ0H8qSS0a6UOJRUJwGlJJVqYA1mzPdZkGWQg/fvg52A50YxtNa6/OFpxRSQOY+jCk=
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36F5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 18:16:35 GMT
expires
Wed, 18 Dec 2024 18:16:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 31C7 		829 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1cb6969420827a8f3f818b65291d02511a4fb69ed0fa54da6d96e97c9d258251
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Wwq1f0iJquaODhq02aoHzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Wwq1f0iJquaODhq02aoHzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:21 GMT
expires
Wed, 20 Dec 2023 07:50:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.253.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
772b5a4ad62b4a9349a56a97c3689ae34c9d05fb3b89ed18b1b28881dae213a1

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.23.183
access-control-allow-credentials
true
content-length
60
expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 36F5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
81014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 09:20:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 31C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=2879795536920383&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
hadron.json
id.hadron.ad.gt/v1/ 		95 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f2f49b5c497f52e4067c4244ee77420957ae0a91481d0f68d3362a787331ae5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
83864b441d529000-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.sanook.com&url=https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
83864b435c589000-FRA
content-length
0
content-type
application/json
date
Wed, 20 Dec 2023 07:50:22 GMT
debug
OPTIONS block
expires
Thu, 19 Dec 2024 07:50:22 GMT
server
cloudflare
prebid-custom-richaudience.js
rtbpass.andbeyond.media/ 		602 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
7NHVYZN9NCF403ZZ
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
190838
x-amz-id-2
UfCcI56gBSN4teUO6GKmqn6aq5G0miMFDyVXyMc6VIM/irBL4dEv8hX9cGuK2u32k6nT66ZYtQc+lgnrTvcUaw==
x-served-by
cache-fra-eddf8230128-FRA
last-modified
Thu, 14 Sep 2023 12:35:17 GMT
server
AmazonS3
x-timer
S1703058622.970704,VS0,VE662
etag
"5557f783869e27322374ad505b755076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1718269063684&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1718269063684&version=m202309260101&ct=76&x=1&cor=11921550709094943000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FC08 		83 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b50699f7941847172dd7c1af4a423eb3ecf9fe4008cc65837f6e5015d48d50fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38637
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 36F5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LP9i7g
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FC08 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 01:43:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FC08 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 23:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
29186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 23:43:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FC08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdHAymP3wJyb_sv57UKAYzl_bM6wylAwOxcYWIaexmo_GHSviws1pKSfx4NTI8CEDImoPvR-SIjomPRFolA5YqDK006ci23R9YTl-xKCTrQhWUHIVL-q_Ft9NCJMfIYmPcDwdoEQdvobTTRn1RMp4NE_zaQ6YR5zBGLDf5Ov4gUklBGU7bjrwXqpr6KPrVWHyiT67AfeLxgbwkEy4Q_Nv5boSiwz0Rvt8981xvMRih3AdEYJqa40xWKsqT8mr0uLnlAg-wWfbfEqkjqa1Y4lvkGY7j18455k8aYpWbdY5B9CBh7xuBzXKT0smREQp4qt3095D2x8tU_ofby9055yUnB5Wi_mPgPepQEPzVoo_sbOIQzmcRY554yjbpAM80yMyh9pBiVthStNH5Y8p_Rd9S_ATx9hBoBkIGl4UPWqWI0NsdW7JZ0zSQROjVU80QdQ3Th4MCFJvU3kRCiNfl33elB8sGWi2o_wpjIhZL3D-TjgAeOaA5ObIL2JFVuMTLly_BUCyaf0abON8QrhbjbhirhqKqizJ755nIF4Im6TXHYcf50g0SzZkBfB3XrDN67vn228UEUJiwh6g8rz8IR6F6smObDzQUDCEmmzeuphiMsHqtDZ1c98DaW1lcLkOt1_qoyGQMRV_8agCCy_HPihHOpALF10cuG5iBcFK6ShcTCSTrb8iZB2myqytGSHWIEsUCHb9CVZCfiTJ1ZCwDsQI2XxLg0DnowkTWOn3a8F0vVsHzbGSJLKXnyNM_80YHfD7eVMDasPFOjQCYxu47_54z9MQ2sUodSdARB8PbO4pNTNRwOgxAZIGfnOdvtSW55EkK1TgOE9MAqx26UNZvrdrJMTD6vDh4wt_pwelsF3e03yXqYvpdJLDjfLgDbH3shaG1yK6qm-5QksGx8TgBG2XzVw_UjhgdZWlIAzgHbYiphbofv8iuTimJBT16-BMCIBk-OnWiJUnWq7sBeQIxqNIJZcfdCgEL-ctGhl1SUy01U1M1xTQcVGBEY0-koG3zwijYXDLFHvQ_s4u2zySq98qv-b5z-wpTvl5QrdWFm3qPb5gtv05SkqNPXzbF_4wa_gJpENM09nXK0D70okkNmqCER4XgifyypoOxWXIlcgq_wJNj61cueSAU-Ir8FvQ0PkWB3feGbl2Y0CQ9WevtZXgyuNyHRzGw0pEpF0YVLbyQxFt_6wydttE15cLNxYUVi-2iPFmYZJk49Vqgebr3jgLXMkVt_jRbv5ioz8Wg8zuMRD5Vx80ema5T-1w1Q_Fnlcn6ehf4-2wSWyHKAtpmKcRRgzKlErZt7--eGtcl1qeVaCO4S5c75ri4HjcLF_9ym22U83m62hJ9yBsybbF81JLv0OnHrMvQ7SaD7CQBTazYmgXVb60RTJF5WvKuhJSfTHHUrmauqjd8JsHqLHHeBOd3JapomwJkuSNCG-nPpvYnj_Qx_HHhCOU&sai=AMfl-YRHCaKZcgkxsNOCBQRgLuzKLQ5tV96kZAWDs_5LD62G75peqihn-9rRVqReMPbn9xzxTBNtAbxyzB5WTXE-FQHVItS6d1av_sZLQ2waw-Jx2Bp73Au-Zg9c_HCx1qF-v2LIqhRglqToXBQ6lexZXw50kO4ysvG5L6s3Tnfgvp5G7JsGDz8X04IjZq5eKBZRYxd2A488tPcEZBg8LfA6W4SC4lhgWrR78y-9fvGgpB8CTQ9VcyFyO2S4tr3cLvMsGDyuVvztCPc4v8Nt6MrD1uraihlf0LstLNLc44EDq2HRx00NUJhkmDoEDXtdKhs5KlVyiuua1zn9LUvxy4akSUE&sig=Cg0ArKJSzE4LviPaffewEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.10365&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Dec 2023 07:50:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FC08 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
395114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
14639594052140872195
s0.2mdn.net/simgad/ Frame FC08 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14639594052140872195?sqp=uqWu0g0ICPoBEKwCQGQ&rs=AOga4qkWawYAUcmdZQekr96zuHSfda6rtw
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fd08991cc0d265646431832f91dd7d41714becd4b410fc366701d1d72e1c5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 21:25:21 GMT
x-content-type-options
nosniff
age
123901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68435
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 10:34:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Dec 2024 21:25:21 GMT
truncated
/ Frame FC08 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3813c365a68f751e0318f94fa197415d1adf39a01cd4836cd3ea0585bae9a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ED86 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
81415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Dec 2023 07:50:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
221456
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
230009
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.9.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.5.173
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
1f6ba14f54fae7707c21cf8b7609b7ab8cfc5244907b3be35a48a76fd2a5ac4c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 19 Jan 2024 07:50:22 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a7541fc5c9a11282980ed923f9b2f1827738f86dee00d52a7b3bd71b640133d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame ED86 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
81015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 09:20:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FC08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdHAymP3wJyb_sv57UKAYzl_bM6wylAwOxcYWIaexmo_GHSviws1pKSfx4NTI8CEDImoPvR-SIjomPRFolA5YqDK006ci23R9YTl-xKCTrQhWUHIVL-q_Ft9NCJMfIYmPcDwdoEQdvobTTRn1RMp4NE_zaQ6YR5zBGLDf5Ov4gUklBGU7bjrwXqpr6KPrVWHyiT67AfeLxgbwkEy4Q_Nv5boSiwz0Rvt8981xvMRih3AdEYJqa40xWKsqT8mr0uLnlAg-wWfbfEqkjqa1Y4lvkGY7j18455k8aYpWbdY5B9CBh7xuBzXKT0smREQp4qt3095D2x8tU_ofby9055yUnB5Wi_mPgPepQEPzVoo_sbOIQzmcRY554yjbpAM80yMyh9pBiVthStNH5Y8p_Rd9S_ATx9hBoBkIGl4UPWqWI0NsdW7JZ0zSQROjVU80QdQ3Th4MCFJvU3kRCiNfl33elB8sGWi2o_wpjIhZL3D-TjgAeOaA5ObIL2JFVuMTLly_BUCyaf0abON8QrhbjbhirhqKqizJ755nIF4Im6TXHYcf50g0SzZkBfB3XrDN67vn228UEUJiwh6g8rz8IR6F6smObDzQUDCEmmzeuphiMsHqtDZ1c98DaW1lcLkOt1_qoyGQMRV_8agCCy_HPihHOpALF10cuG5iBcFK6ShcTCSTrb8iZB2myqytGSHWIEsUCHb9CVZCfiTJ1ZCwDsQI2XxLg0DnowkTWOn3a8F0vVsHzbGSJLKXnyNM_80YHfD7eVMDasPFOjQCYxu47_54z9MQ2sUodSdARB8PbO4pNTNRwOgxAZIGfnOdvtSW55EkK1TgOE9MAqx26UNZvrdrJMTD6vDh4wt_pwelsF3e03yXqYvpdJLDjfLgDbH3shaG1yK6qm-5QksGx8TgBG2XzVw_UjhgdZWlIAzgHbYiphbofv8iuTimJBT16-BMCIBk-OnWiJUnWq7sBeQIxqNIJZcfdCgEL-ctGhl1SUy01U1M1xTQcVGBEY0-koG3zwijYXDLFHvQ_s4u2zySq98qv-b5z-wpTvl5QrdWFm3qPb5gtv05SkqNPXzbF_4wa_gJpENM09nXK0D70okkNmqCER4XgifyypoOxWXIlcgq_wJNj61cueSAU-Ir8FvQ0PkWB3feGbl2Y0CQ9WevtZXgyuNyHRzGw0pEpF0YVLbyQxFt_6wydttE15cLNxYUVi-2iPFmYZJk49Vqgebr3jgLXMkVt_jRbv5ioz8Wg8zuMRD5Vx80ema5T-1w1Q_Fnlcn6ehf4-2wSWyHKAtpmKcRRgzKlErZt7--eGtcl1qeVaCO4S5c75ri4HjcLF_9ym22U83m62hJ9yBsybbF81JLv0OnHrMvQ7SaD7CQBTazYmgXVb60RTJF5WvKuhJSfTHHUrmauqjd8JsHqLHHeBOd3JapomwJkuSNCG-nPpvYnj_Qx_HHhCOU&sai=AMfl-YRHCaKZcgkxsNOCBQRgLuzKLQ5tV96kZAWDs_5LD62G75peqihn-9rRVqReMPbn9xzxTBNtAbxyzB5WTXE-FQHVItS6d1av_sZLQ2waw-Jx2Bp73Au-Zg9c_HCx1qF-v2LIqhRglqToXBQ6lexZXw50kO4ysvG5L6s3Tnfgvp5G7JsGDz8X04IjZq5eKBZRYxd2A488tPcEZBg8LfA6W4SC4lhgWrR78y-9fvGgpB8CTQ9VcyFyO2S4tr3cLvMsGDyuVvztCPc4v8Nt6MrD1uraihlf0LstLNLc44EDq2HRx00NUJhkmDoEDXtdKhs5KlVyiuua1zn9LUvxy4akSUE&sig=Cg0ArKJSzE4LviPaffewEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=131&vt=11&dtpt=130&dett=2&cstd=0&cisv=r20231207.10365&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIUC2xmj98ZqAyUi0PE4ObU1HrP5NMsNSKZz5xtQTvbC0Q7to4Ri_zHX4Oho4ZQxU8G_L2hIxC5wH8GxxLqOfsScFcBFsTJcPet1Iiu7vGHZg8AlgDdxqB-JewjNcWJt26ngAy0dY3V-onSR8OB0c6NvuwFuApgqpPShFuTYH3nu8Ptzc&dbm_d=AKAmf-AzJFrQpHov8Ut7wbQoxYjFbFXn2CRWIi3FH4b3NsJXw_mVxMTEqpn96KuDFEdaMva0RWuQt-n2LiNVuxkROuWQB2EGFqXUBeJAWu5ZTlTjT6Iw4Y5zyJHgxvTmN4RoDyH_9S_zcCpqsRZG2qeyEdfH2eYK2oM3ZuoYm3RVCbMSJh1w4Zo1GuL6g759bnikv-0SBwnHXMWyl5Ja4FTFng2cyIa49tIAWFW7cxj7FPdTnwYrEH4hASvw7W_v0sMfqSP_7AG2EZZNBXcvxGHmvCYXVRvxNJMeCxEGWaXpSSl_N-lMKK2nD_98dOjBFvJ-kZv91TWbchPy1-EhezkMHbAHGuezLHDsNliJTTzFHxnapw-zjMMbQY_6F1bn4OqbgQZX8f59omUODzgLqSre6kOi4POTxxN9pN8SXZzEwYSU6A1usLw8PBBTgXHxoupstxPpPbeN0m_ZOzJfN7dufFXMSPr4CD7MfwgKsLQsFRrddu31hJBWK1912Tt1u0oFGSQEhMW29bhfGx1mIyqHz1S1mtFsuDSFGWjy-WJL3LkR3iNso3E0Jwwm6rJpVqCDALWtHaxcx5BO-QgTDLdCZX8l9QukncLQXiRb40itUPBrN88GZ4hEA3p3GcQhqulrld1PcWea791zoqtvq4ZYGup42KmpLFHJjmj5MPUfczRR4cPXNEJIfn_x5eYXwNxWqtBJnqvlje_B7yoIpQdEJlkTwK8hYxPj4UUqCFMD6XNlaGlpa1vOobKlcNue6DVfS0pRoJ_Mg_hH8L0md0PB2GjMcz6_yUxiIJPQMF8bICCjdQlVdRvrGvDZwtAhHjkDPgV_0L1xeCJIBPEZDOyZ4cw_gIlugXKa625PuVGHe9qoLfLnPjuGDqR9clwritpWoNtxDOSnEILIehTFPQDFWPueo9YCnbU1vZ6dcI6GcLQXALH6jV-tmBYbiUoSAYubO5R_wcAra4NjAn-kHDXBaCFwCdzN5ge1n5Ue1sztjr1589lthj8pattYD1O4rEzGpXCdnrcmm2lZD6CXD4lRuevLqi6GIbnFBWNsSihQp6W5LqFQVIdRkoQHNVYP8-D4byjFueU_EM_wJEOzSpe1m7UThrmUDAqOZwhV-zujSH9iZARdUag4Ddx3OyrdJZUAqt6Rv81o0rU7wXYQnqXaoMCk20_o_a0AS1a-SGO4FH1OWmA0Exa_ndSgZ7PYHTgiPP7S-rR3ai9O3a7uRPG9tawBUYVphyLu7zskZ3xJjvanrdimyy8GUPWX7y7pbgruaCa9wAZQ1nM4BLXZoZxqGhDSIcwHpTyml1dMcosYKNhbPU6gCZGLQoQjKHrfyjfia0cevnoPlWce-wA3xYtDyAp-Arw60eYotvJnagr-KKJ1fGc81WogAieb46EqfEFTuq5qoYLhnmZcOD9nVZnVLwtJUsTP-khdcmDlaQA_aU8FcsYLDT5zoVMspWTuhqWL-t6xkxTIbwjyBStGpC2tKtaB0vtUjVIo-kJDpXSfHPWsMSEBHKJqsCT7LJwMxWpsb2PDFi6HTPkjKOC25yVRs0tvXdcDHr8HZLdEZg4mPqY8xCHzdM_S6rS5I7RUqJs4_oMfAF3LyYg7pQBicyLwqEECBW4EzLBXk7PEI8OOR24ZKY3Lfc-xr4-4RSKOdVbqkPGOr00tJNSDX9zfvyBHtOXbdPxkm8_aL7tPKay3bkm1L7I8ugG-riHnH0TM6BgJQOynsepHRUtUZMABJJn8gY3s7zOegFcSk--lOc3rneYbeEAspbAaMTW1HfJRQBNHNyoeSO0ri9qaAwRIehzuUvePIeNXRlJx5Wq0yLia7FiU0ybE2yqjxuMansQ-a8QFKGXMx7vsSrzpLCnHSjgSvvacHr_tIoYSNk4NeHLCLmvgw7-VIw_I-dww_pcbDjVTxVR5WYORXdqi2lhwLZM6DNc_MhIC6DVXskwDmvLEyZgQqBpXNrgY6SDgMtdWL4OgDSJsay2V2ixfEasQc1KQn4ROPUHtzRZVcwfzvUzg60j69xv57uvEBwxwdugz8mCgfoN9nS4UTKpFjdIB1ME7c_uWm-V3987pe8lVHSlu-PUQiYjjSWjuQkqlYhv3dWRm1MwMCC6zLgrKGiKyYbYwMEQhlV1sxdGntPVotaj0-xv15PcwrUu7qlpjg8-LgQmjNqKx6nwUFMGmZyo_q_MO5u9mYAQ_9N_PBOT_A9Uo2fT1rYQdkRQ1e9F0do1CDbOH7Ap8jhntrSGHJ00KVPX2UM8xBkfDpyMDunP8TbLPjq1dn9XR09aYNTALhzogVZYXQ2VCtdK__2bOLRSKvEngPlyM--HlNLa3uCUur33GG2cGoqZJT7GaAZp5j2b4-UzLg8Ztsw8vxxoGQY3tBw0hqWgi2HaL0HgKnIoq15cxUfS_-VanLh4OQE2C5cUEHvO1BrjJ7uRlZr1HSQ4xEdblgwOmQ6cblkMaL9Bj7hAFCCXkA9NXBVeb6BPLKlo2G5MZI9-JBT9dK-h6gdGu_fF01fGbUMuGYdPNPjoGx3ll5HDIdPUjwnr8BgLAwobRNRS9yaQLi_cEte1GHXnT1F4HQw9inXYHF8KlDxRQLDudCf2WijrOvO5JpIcFW56LNn60rJDWGOFTql-UrSBM-ZDdqAkpDAsZMnNFuvpJMjOZCk_6VFRyUzmFmogQlcrqlUKyRMm5xvpwLs7YU9BqQ6IePnIL6Sp8aGbqw1vKLdWVRuMgK3Sk8p7UhOWmzKSODy7PKcIz3Km_1Tufar0an7Iz7C8zsuMilDCiuNQ7vdS9uD7hCdFBAE3kF-hvFUdbVn9GtD-XvuaQx7jQ2m3UlPRe-wJaCs0xCbmUSsPbRStHetN1Xz9ac2YGl5Aqsq0W1kqk8N7xXAIY97IQJxQpPzSf7P-WS4iqBwO3sFJ3H7tJJ0SflfTecVD5h5GFoKN6v53TAT_y1ohyyCP4MruW7Z3eJmbSDNETmY2eeXGJh4gZkMBignXmMCdDqvpaYOYpGEHhGGrs1zPGr8Q5Ha9oJJ_UfOP-BXJk1WH2Y4XiJjKKje3DI8a8efVce5enDEtEvazesPqUVIHKZXeUiL7AoxsczkMO0qWLkvlzsKDhfWoE2N42lZ7Td_GJcJ4uqwiiFQcoL2LRUWTlY04nafsq5RhdJrbdchpZkpf61Jr-YDOCeCI7FRGJbiaAafKVF90hqTdOwbYYLxtHS4h8p0Eu1ZIp-48zxF0yU1Ne822g5T1xrwHpoSoKce9r2437jSSePDMGE9u5DCSC5eijzc2IuOLWBCG1M3NK2JiwntFWkYKD03ycdfcVOOcLBOkTaEaZyQbg4N2S6rJfFl-V2kN4IpDoX7A-Lu8jIF78lhyHM_CSI2TOKrb7kfIn_emhuwCaaoSshhLrgSiC_4FJH04rQtI8v4WPV2gmA4UVUeOvMmDsSzReqr_RCRMmJyWG-zOyg0LlJftFPm-Js0m7OOBOj3krOWoElIGIBxOgudxk2P8Hy5329ELOlxRb3zlmv2rsUWKMtCI2v9Zr4vmiyNkkvkCMcAGIEZHpqDcekmF7WNGLfCQslj1b5Km0tV8ECQkrDb0-ddo1ENNlM_pD6Ld22bKZwqkYGPCDgPa_tVxJsLQxusgJJIUVi3TjGpar62wBaASv7kw9Lyhbh5zW-7WMqcO0svTbHsDtQ4tsBwXdFFoPz-E4RCCXqy5ujhRzZJ3OaGAkvH6hpB3HopuBaDor49l8_Qg8A7KnllOptNRtCSHbNoB7VwGSdgJjxprEiTmdGQ9NCgKuQ-3QfPV7_jMkxfjMtNJrQJGROs6vGKhdWMQWAp0rmGCZfsILMZOWXAoBa1eSLIoidnGIrW2Byu-lXRyK8ihGEZ0YnNJ2XHHwXLmguA7Mkn_jPLROVsrrd0qJj5UnXBzqOtuYGVwJcuS9FJ5bHJ2V1JC76NtL403nb5wNXA6G4c9ReKVrBb1VtihpZbNi6cerGlD278FCPGQA1rDNQxLRnZ09srAUyK8bT7x0cz1ttUdMm50EOcAnb1PydKc2U5ZDmp_5mMm5lH7cNnZUJaA9u5J8rmOskBTiOkeRAQo6cOrV4422vVA90bH0FmIWyZ-KCW2T51lrE3k5oZpH0jYIpdjU-yDpTfvOMYb3JRTDW0zvPocMDJdFr-rEkKl-3VmsNgDP&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11921550709094943000&adk=2013371550&idt=125&cac=0&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
617.json
id5-sync.com/g/v2/ 		251 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ebf5cf19fa85620740e3df7dfa787eb668ced7608eb1be570a3d1ba1f4dff560
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.sanook.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4269a49d14c62a9c3bf2ddf644e9943f49bb2a6dd211264e27d2da9780658557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 07:45:42 GMT
server
cloudflare
age
280
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
83864b451ee7193b-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED86 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bq0JqvZyCZfahPP_hx_AP4-K5iAwAAAAAOAHgBAI&bg=!QkGlQQ7NAAY3kmNgF5I7ADQBe5WfOO90T5AQRLw2su_qwmn_CyJSdI3_YmvUuyxaRtPXGxMZBzvG3tUhjjT_FJNUaNeyAgAAAEBSAAAAAmgBB5kDQTtILdpFaihFrd43BQw9-U0nEDEfn5ypK6QoFohJLnjVKv3QE1nioszCwE25JWxBfROK-iUlEXvwQ_QBJwGs5RC97Qf5K3PYk9oQqbLKFK7z81Axv3A4gIHN2n4WjboM-ltBARm3sZQ5J7eaGk_YNq1A98oQNf0kKFWnOjWrgEzvgGE69TMxsyyR7V5yQafw4-uRSTag06dcUs9bvBVzmXzCv-qN7ltoC39zItJ5F_AYTA6COTLyybQVE41AaIch09e2UdyuWjuuNV3-HiUVHkuzZca1dwmCzVcYz2zPnJ67uWGeIwjE4x1Azs1y_p4l3Fn81_oh4dwfXLXtzcq8xQSOM5uAR8yFeC8DfXJkmw5kYMwZDbRoz9Sf84JoBiZkqq4bJv9rlvwp0bFp2wToxKvCqi5UIakvSARaiu4Oh86Qy2tvNpyRZNkoH3cnHzpKDedehSCz2_mI38doEY1V6AHs_PjkrvWsfdGOC--g9a8dKpQBH7FvQ2ICPlpax8PfB323gKM2kBk-wgBfTXAg1Hw6em9zAJDUqSx86WV1mBVBAWMxhUX-V-qJMwVs9fv7v-d5Uq8KpGMLD3l21smML-dNwkXgHRlPFJn3q6WpYXcvJHZgsSWJjRBnMdQbYoAyqEMnNMKYVVeldH2i-ftfEChzTPZYLo_ICPtwS2LJFuJT7Vl29I48W_tANbqrZMrw6s_Ojzl0q4-T_9JbUxaJYlWo5xEnhCEEEngN-CLoPPb4ikXgtPjj--KrvI0VDgctH2Xv1_fHrE2huo2gmpY6tHQUHzPe0Hh4YJEKGKGzUMySuctIPWgBuA5uu88dQYUH5wUNUXt9cgIhhhWCYFu89oDpqDzqhnjTGvIKxvj-LDfOp0zq7C9zOZlx5fNaJlhDIR96ovAs1cS-6mDmQzpzomTsoaOq2uIg76Uk7HAskIzkItO6ycujf0TFxtEB9oBIcEa1JKzm8cdl0kElKE2irG8tqQrliSbKFPvvA5vgAye_Pt2CMxiSzLGiFrf0KmIN9ooA5DQfb-UP6vQ-87yDj6rYzV_ZtBYYP0xmR0L2R9npALC5-C5QERrLqnF5KKMWJwKxsSajx7t90lIacQ-7fA38
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
938-
fundingchoicesmessages.google.com/f/AGSKWxXM5bm1m188GAXUgRqTOfAi1P2YDxgMR40RPIr75_x_mjwT6MbzYnS8u2riblUSHPv54pIo0xyRIQMB-SoVs38qato-W3BOS-LQNjU9sKdR7zn06PCEb4Z4EpLEzq4XV4FLJT1gxyqk0KsU76UK6SkoB4g5A... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXM5bm1m188GAXUgRqTOfAi1P2YDxgMR40RPIr75_x_mjwT6MbzYnS8u2riblUSHPv54pIo0xyRIQMB-SoVs38qato-W3BOS-LQNjU9sKdR7zn06PCEb4Z4EpLEzq4XV4FLJT1gxyqk0KsU76UK6SkoB4g5Axtxwouc9IQuSKCm9JZJLkCkMcF57OD1/_=728x90&/ads-no-/pageear._ad_vertical./ad/938-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f53aba488c5a13c9baaf68c26417f3e0a04a5cdcec9ada04a6562e8a37af6b74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1KdtOA_d8Ufy_cHwCMfgnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-1KdtOA_d8Ufy_cHwCMfgnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2efaebd58a04587ebd6326f582a8fd4f808235be86d6cbc98b0851a3d5ca747c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51568
x-xss-protection
0
server
cafe
etag
4388323575850864901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:22 GMT
AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RwiYbF1sKfZqjwO8MHM5sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RwiYbF1sKfZqjwO8MHM5sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2u5FY5tdSKxYJ5QK67KIrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-2u5FY5tdSKxYJ5QK67KIrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D5EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=2879795536920383&bg=!V1SlVBvNAAY3kmNgF5I7ADQBe5WfONhK41eoBu_wgGoj-P9Yaa8Z1V24rxZUCLArkn96rlyQoHe8bpTO1WKHczlO8jVEAgAAAFJSAAAAAmgBBwoAazFF74nwEimVYatILCrwqE1cOG71UBHN8re7zoLCWV4Qkdzp6BfpBcvFGQPGtoq4JU2Z97QR7IbLBs8AlSzHrXIPQA-tw4QQ9G0A-khskwK2OsvKbUSWnu3neKN_AgImyRJ56VxI5TtogjAImQMawLyG_M-j1tgXiUokgILD7AQdlb_SWGpuhWWp35PX8B7dWZznsTA1nWKZTTrZSz7FqBwMTpxDb7BbQ10gve2aBaKxDvw_jjLR40hHOdN1qd9ds_c-ahxmUoySa5LYwiR3yQxgtSMdUgUCxPNKO86eoJqwwx4prHKKeWQvq9sQAlYf5YD16hj_xw0Uxlpi3FIc7LXcEJr5Vm3ymIr6PX39Gj7rwNtACZ16ZjW3lzXifU5VHKw7DJoz819ttk6CyhSPnUt79ammo4vVeB6ZmehTwltSCY3QV4u1jNywPeluf4rOZUemUwSbqagWJ68gVc6xzQblY_bZpKR7s9EeNPqS90-2Cy24i36q0tG7fWSStgT6-cBZ6sMrb1VlGwG9mu6QD7JaoeRpPssAcLP2SC2rAVhlOp9-VSMbY-Z1dXnsexPWn6Ia2dZrhutO2VJukvqeQ5PSRdmXmLshB6mdjghtkPYgrHfjEvLlijHcvMzuIBVNdFXr-o-HOADwJrMET86_C-AQrpLZ9d2qTXMdZSNyKhB_zC8Y2ckGDi4YKETfF9WFdE12q8qbbWWY3db-HxXF8ceJcyEV_QQyVwKY_uv_HvJUGqPdee1GgQ2HMd-EPy6l-6eLX6bmarX_KiHL0yeI-yTvTaIRQu2Jx0kRTjHOfcWRElYqGqAJwhcjihRXjm2oy0HlqjIaOw2y13aGFRnHMz0gcxNnKidr3nis3zrKNdZQJ1ITqcGUqCPSrVYK1FCMYka7yg6AbVnPBNdV3NqwjTnQk06zalIn0EvzCf90o3d3wbENEzGxjAjSZ4c2NMskNJYYtt5NgMvb3k_J7QkPGMfr0FRIFb7r3TWFGihHyFth2ZuWHklhwhkUiRw3ld7XYWwTaBQ7mGbA49g41nSzteVyz5yjbnn1sh5CnXkjV-i_0T30NoarZ9vLdF6to4mFZdObmoS4JZEYaBUTbCfcSmK5-dG5H840F_bk84v3sdGmD8STdxRpWz7W9oZwxOwgj8uDsBNjBBEMJj9j8Bsg9blpIwbPFU9uTj31U1UrQKOPHR_KNL6BQNM
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 508F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6EM2thN-RXMGLNylHSGW0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6EM2thN-RXMGLNylHSGW0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlJ7jMNH92JUXM-S12uWQOZYekRCQ9K6BZ_HPkZC-gUOHtMg78DSF4MB2wGYzexTievRaNgrfOJvZWeOP8R8AIHFxeYw1uYzAMrEB9tF8Qsuyy1ruJnWl9OuJEh3tZv2wD44VFBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WQiGreqt9aQcs9ZTn5VVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WQiGreqt9aQcs9ZTn5VVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOI6-WRHq-2D3gd7EcViwoUHxKf5KHcMgQ6HRjt4bYAA2GF9_MeqUXBYhAhP_ASSThMD1zGco3HSYd2yV0_x5VtyGrncZd4ygfEbIxB4JAGeHhuG6bbClbeRDXK_DvWp2RDpSVsg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUOI6-WRHq-2D3gd7EcViwoUHxKf5KHcMgQ6HRjt4bYAA2GF9_MeqUXBYhAhP_ASSThMD1zGco3HSYd2yV0_x5VtyGrncZd4ygfEbIxB4JAGeHhuG6bbClbeRDXK_DvWp2RDpSVsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDU4NjIyLDUzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99d8d854ea87a6a5ffc47e1b70ae93331b174e0c87ae285f602a4a35f7a4b790
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F1k7_Vz9gP1fjkorDlCRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-F1k7_Vz9gP1fjkorDlCRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWf5XA5OgstPPEr8pDt1edCOBdB0l2oBO8TdWBtcaSsEk9fdt7MjCA1MzoZtteX34cbaxeRKMxMz-LVAoUPm5sKr_dnW2V60YNOB50B9jShKBEVUmM1S-gxI_fU5IG-g8RbgCFdgA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWf5XA5OgstPPEr8pDt1edCOBdB0l2oBO8TdWBtcaSsEk9fdt7MjCA1MzoZtteX34cbaxeRKMxMz-LVAoUPm5sKr_dnW2V60YNOB50B9jShKBEVUmM1S-gxI_fU5IG-g8RbgCFdgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ONul2gAr-GqzIA1SPus9Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-ONul2gAr-GqzIA1SPus9Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 13:17:07 GMT
x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
66796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
yI7W7CcvAFow8GWB3Hf-zXl5wegKa8-aJzE-mKLmPkiyPAxxVL2IVA==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a7541fc5c9a11282980ed923f9b2f1827738f86dee00d52a7b3bd71b640133d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/ 		318 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
bceb9a4db167f178f53e17480e354065eba7d07917e41360546d30137c0d9a94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1718269063684&version=m202309260101&ct=76&x=1&cor=11921550709094943000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FC08 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHUSdtBFj3PTRfpvuhPDXKSYRGuYhGKR1T18LdmfLJhn3KTwh9-BiYkf7Hkg8F0f_wHM8zhjridnUd_hE2L9K5f6He1wm9Lx5ezZKOYYLL4mbFwZyZyuVPVn1XKK0nFiWCe4HpZqU7OkWpJSQg82UaafSc&sai=AMfl-YR_mbf1HlJ6UPRn1ZfWdsScSMeQ9pUaotig6jfU6O2PWq_YOy3LZaJRg1ohgLhX8cDPwgbvZU91r5t_Lzfq-k0PTwh3_tF2UW9rhBIHync2it3t_QovODZ-OuOI2afE7my3CC9jt5tRghbG3nYC&sig=Cg0ArKJSzFxtLFfWIghqEAE&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&id=lidar2&mcvt=1004&p=950,1033,1200,1333&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703058621755&rpt=416&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tgframe.html
cdn.taboola.com/webpush/ Frame 1777 		530 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/tgframe.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

abp
94
accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
private,max-age=14400
content-encoding
gzip
content-length
290
content-type
text/html
date
Wed, 20 Dec 2023 07:50:23 GMT
etag
"279913f0b9685fbf713832b8a94e8140"
last-modified
Tue, 25 May 2021 10:44:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
rdoyMdNYbPSKwT4MsqESUc+aFY0Pi7f1Pi/FBrLffvWwu6Djf5b5z9/Ykjj/MKZ5ndHdPDJDFR0=
x-amz-replication-status
COMPLETED
x-amz-request-id
Q3X6NBBE61N4HS7V
x-amz-version-id
eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230053-FRA
x-timer
S1703058624.662920,VS0,VE1
nr-rum-1.246.1.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding
br
via
1.1 varnish
date
Wed, 20 Dec 2023 07:50:23 GMT
strict-transport-security
max-age=300
x-amz-request-id
DFZWV2Z0W8SVTMQ4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
Y1o02ngYS9GSyYMTnZfNaLkZYF2Ng5U3OSMDbFJSoDOKwl98j5i58Sjtuv4hjeJbfl3Ks/nLW3I=
x-served-by
cache-fra-eddf8230077-FRA
last-modified
Tue, 31 Oct 2023 15:33:55 GMT
server
AmazonS3
x-timer
S1703058624.684823,VS0,VE0
etag
"04fdba12d14ecd22e6ac743bca4e0072"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
2
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6861f9f2f57c52ba68a388c4ff9a4d7245a312bdf5222c359f72f66a25cce51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12270
x-xss-protection
0
8f062114d3
bam.nr-data.net/1/ 		40 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=7613&ck=0&s=0&ref=https://www.sanook.com/&be=2422&fe=5153&dc=1212&perf=%7B%22timing%22:%7B%22of%22:1703058616084,%22n%22:0,%22f%22:1581,%22dn%22:1582,%22dne%22:1582,%22c%22:1582,%22s%22:1781,%22ce%22:2074,%22rq%22:2074,%22rp%22:2423,%22rpe%22:3084,%22di%22:3087,%22ds%22:3632,%22de%22:3634,%22dc%22:7573,%22l%22:7574,%22le%22:7575%7D,%22navigation%22:%7B%7D%7D&fp=3429&fcp=3429
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 20 Dec 2023 07:50:23 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
83864b4e98396949-FRA
Content-Length
40
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 07:50:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B425 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 18:16:35 GMT
expires
Wed, 18 Dec 2024 18:16:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9395 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3025663994bcd2f01f67ef22305550ba725becae4b6cf82733c24fa27f96acd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2C5cc6KkQkuFQTX5Q-T8-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2C5cc6KkQkuFQTX5Q-T8-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:23 GMT
expires
Wed, 20 Dec 2023 07:50:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B425 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
81016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 09:20:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9395 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3602116451209563&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B425 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6XqTBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3bt0v888883767&_p=1703058618519&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=177490872.1703058619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1703058619&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=scroll&ep.user_session_id=1703058619028.rc6l287n&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&epn.percent_scrolled=90&_et=3&tfd=8008
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3602116451209563&bg=!YWKlYi3NAAY3kmNgF5I7ADQBe5WfOHYsvOz-rHoVD3m4uY3sMy2_fvchulYkxL_c_O1jdK8WOIG4GeDbD71lY4XRzkKYAgAAAEJSAAAAAWgBB5kC8zy0U1VE4i1X3K6ABaT1YVAjaL2DKaRX_9ZK9V7xZ5DZI1sjBFDPyiD_ZUJjjUSnVkdLKIJri6Erqzh17FOvFBVW1myqmW8qZdL08NQIx7VfxNDzCV9rqVFd4GfMigaPnApta_-5eHFX09Awp3r1A3pl7YpAwsU9LJ5WiaFhwBqSmHOscMgaF2AWGwmk5_-S16ov07j1UlxT4fB5H6o2ZjPe6UfUQH1F6ZN1NXz_9qWKM-F1QHka0ZuzH1sDBqM3EzOcdrM4mJXq-wPBlUiuHXfMpCXbMBMzlUk0I_v4s75zcWDmW_ubGTKFycYvTZofOSmIPEx-pXQLFE8NO5SLQ6WuhAR7mvmBhtvLeMJz1iXwRPY45I4CrB-pZnXwjZ6XKBlA2HYKXNwSghzH56Zd1X4wlVnFnLH4U-Uy71t1lGIok5nz1225S2gwCKGvtlsiwkzt5r4e9nQMw3X7ggglGa0JdYEc_yAc3frmTGMGaxsLsiqE3qbNaJXdgy7uUrbdHA676UKvpoLQXj5614O9zJWeuPtOpJcYRWzNDdC9jw5lKllidLfCQbe285wUz7mCf52ZSyooGYT00BWy0kQExS0jFMQlKmePKp4A5GQQDotaVapQCjLcuNn3HXQ6q_ID_AfEHeLgECAcqOeca4-Q5IAKkQdGy4DDMrsomlQIwyLa1GPUbtss12vLD1b7IjrCYNwJK6bV-F0Q7naUvj_nUjLhI31jLMDhHe-rViS_1LLJJfm5jU0hud2m9turQL0NKUpH2zAQsbQKx1T48nUbkmwgDbgqltkH5--tq8mVKN06y01IwyIBeaqFeNF4Rj08wSQMZYBqBi8y2-vHBPjCLDko8KoQD87rAUDJZayJCfeJy1sifMrRpyaQP_xMAZPIWUd0squNy-Nhy9XLyO4W6-unucW9rattpgNcT8rtzstf0eyNZWhuGylw-SwcKS9UkWZizSxUCC2N7uXAOei1LE5QhyAz_YxIxATJUU-vV8vPOBjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/393/1968593/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968593/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f511d64ff16d00cb069caf0cd81f4fb2d1d16e22bb395d118249fb57c2a85a86
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:42:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
8591323579881311738
accept-ranges
bytes
content-length
40412
expires
Fri, 19 Jan 2024 05:42:31 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1817974858&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=aADAAEABAAAAACAEK~&jid=&gjid=&cid=177490872.1703058619&tid=UA-8147095-6&_gid=959330799.1703058619&gtm=45He3bt0n81PNXLXRSv77572129&cd4=0&cd12=1703058629705.yovq60sk&cd43=0&cd44=2&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=82207832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 20:43:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39996
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=1646506761&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=SEAAAAABC~&cid=1949871162.1703058622&tid=SA-8147095-6&cd4=0&cd8=b&z=1698668769
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 20 Dec 2023 07:50:29 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=1646506761&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&cd4=0&cd22=firstpage&cd23=indexpage&_gid=959330799.1703058619&_u=CAAAAEABC~&cid=177490872.1703058619&tid=DC-8147095-6&z=354176895
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
61.91.93.45 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-45.static.asianet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Dec 2023 07:50:29 GMT
X-Powered-By
ARR/3.0
Content-Length
0
cookiesync
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/cookiesync
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
460
alt-svc
h3=":443"; ma=86400
content-length
4739
last-modified
Mon, 28 Aug 2023 06:02:46 GMT
server
cloudflare
etag
"64ec3886-1283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyByo0HvHTsEgJXRQUc52zeKcz8ZFyYmJQur3TFjJDMze9aAC5wf1IdPnI%2FtbFIk7VzJ1n74VCykF%2Fv6b25I9H27zxVKkpkrYjKelML%2By3fgoHxp1qj2obecBRm2%2BakbXtoDPsOGQUjTiH%2Bs4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
83864b7ced392bd9-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Connection
close
Content-length
0
idRequest
sync.aralego.com/ 		46 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20/%2021px%20%22Helvetica%20Neue%22,%20Helvetica,%20Arial,%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/cookiesync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bowie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2ca9853f1423af32773c5b787cf035d084c70048be75cbeaa1cd0470a041029b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:31 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
connection
close
content-length
46
usync.html
eus.rubiconproject.com/ Frame 1C35
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/cookiesync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Dec 2023 07:50:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Dec 2023 07:50:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?usprivacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bowie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:32 GMT
connection
close
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1C35 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a58069f865739d0b8ced7cc628818c2db43bf28a8aa132cb2b867054c9a50e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 21:40:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49781
Connection
keep-alive
Content-Length
13201
Expires
Wed, 20 Dec 2023 21:40:12 GMT
khaos.json
token.rubiconproject.com/ Frame 1C35 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
8f062114d3
bam.nr-data.net/events/1/ 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/8f062114d3?a=50891400&sa=1&v=1.246.1&t=Unnamed%20Transaction&rst=17840&ck=0&s=0&ref=https://www.sanook.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 20 Dec 2023 07:50:34 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.sanook.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
83864b8e0a6e6949-FRA
Content-Length
24
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je3bt0v888883767z877572129&_p=1703058618519&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=177490872.1703058619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1703058619&sct=1&seg=1&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=event_ondemand&ep.user_session_id=1703058629705.ji5mudau&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&ep.event_category=fp-eventpromote-redirect&ep.event_action=click&ep.event_label=fp-eventpromote-redirect&epn.user_non_personalized_ads=2&_et=10620&tfd=18630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je3bt0v9134475311&_p=1703058618519&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=177490872.1703058619&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1703058619&sct=1&seg=1&en=click&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1703058629705.yovq60sk&ep.ua_dimension_43=0&ep.ua_dimension_44=2&ep.event_category=fp-eventpromote-redirect&ep.event_label=fp-eventpromote-redirect&_et=10150&tfd=18632
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15.jpg
s.isanook.com/fi/0/fp/393/1968565/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968565/15.jpg?ip/crop/w555h333/q80/jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
01f424785687f09ef9654be48d2aa3f54b7ecf8118fbdf2f58a1445d8b5216c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 06:53:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
11834779216736201014
accept-ranges
bytes
content-length
34978
expires
Fri, 19 Jan 2024 06:53:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FC08 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sanook.com%2F&pid=oTbvaC25QyLho&cb=0&ws=1600x1200&v=23.1211.1645&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond3001%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C4899711%2F55034-300-250-1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!andbeyond.media%2C132006%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.20.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-20-160.vie50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
T0BQPV2DBG7J4XZGDQSB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Vzb9NFwr2ayl6YWfgVya0LVKLOPVBlXteDqn8VXvpEjDlBJNeEqfsg==
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1835068
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0690O9Yg33kSHfZqiaJFmaFIXUD1QlcTWM5q2UdOppe7j2O69F%2FUzSwwpY8JS7LcNCaWgxJm%2BSQ%2B8Df8qELLDzdmRIczdhUNqqjK6HUzyCtGnkBu1zFH48Vvo8v6OS2Jb9%2F4EIhqGKUSkSqa"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
83864be47862910d-FRA
hbjson
grid.bidswitch.net/ 		23 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d85f8f76581983eb6f9c4d761d48b5d6cf4505003cbd7c95d3f08fe0e124f944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
48
3089474
bs.yandex.ru/prebid/ 		0
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3089474?imp-id=1&target-ref=www.sanook.com&ssp-id=10500
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
last-modified
Wed, 20 Dec 2023 07:50:47 GMT
x-yandex-req-id
1703058647880311-1373519968692998955900227-production-app-host-sas-pcode-255
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.sanook.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 20 Dec 2023 07:50:47 GMT
hbjson
grid.bidswitch.net/ 		22 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d089e53c4e472949600c5baac5b68139e9ed3ce4befd2b4188b5c41fb2604855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
47
prebid
mp.4dex.io/ 		66 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 20 Dec 2023 07:50:47 GMT
x-err
Create candidates: no candidates for bid requests
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3001
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83864be48e2f3a79-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 20 Dec 2023 07:50:47 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		298 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=384960&zone_id=2141818&size_id=15&alt_size_ids=13%2C14&rp_schain=1.0,1!andbeyond.media,132006,1,,,&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.domain=sanook.com&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tk_flint=rtbpbjs_lite_v7.54.4&x_source.tid=8da1fecc-7c77-431e-b2d7-ef3a553dd9de&l_pb_bid_id=122e450af5ab1ad&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=8da1fecc-7c77-431e-b2d7-ef3a553dd9de&rp_maxbids=1&slots=1&rand=0.08688829559521793
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9fee8e799a99f9bbdecfa6fb693a40c1f95e8599206fb941280e49b99ba5d22d

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
298
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
18324f20e30b230d6c4730fe261513ec183e4f827d408524679859883abcdcfa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
an-x-request-uuid
a3161aae-0e46-4f62-8bf6-679187e0f32c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=185&av=36&wv=7.54.4&cb=8578169846
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		23 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.4
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f041fff4bfe058c4e6796a635a6fe873bc3cdb6f68205ae7e070b500b3dca793

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Dec 2023 07:50:47 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
prebid
prebid.media.net/rtb/ 		338 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e5988ee27dd76b2e61a995185ae3ec813ff02f18d2b7664bf59e0fd54d6ae5da

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 07:50:47 GMT
header
hb.aralego.com/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7AE44DE8772396077EE2EB984D736E&tdid=&schain=&eids=&u=https%3A%2F%2Fwww.sanook.com%2F&host=www.sanook.com&ucfUid=7e103168-fc61-4eb2-a11a-14b7cd308203&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bowie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:47 GMT
access-control-allow-credentials
true
connection
close
bid-request
rtb.adpone.com/ 		799 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=12281515544499
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba581f6451f9e7c0442131f9c1570a11e518d15f04a517754fd95ce3f4ee1e1

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 07:50:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2eVtEeZP4F32q%2F49RmQUOJlJyIc6aX5iVj%2B9iVR5te4luN4GRcVpU7ayppgHxnf5j2llWDxNjzqntczbiThxJBWPJCN8v4cbLATYOdro%2BrznyPiD2Gwrby0vGWt5YIvHOBZWscRrf19wioW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cf-ray
83864be49a425c20-FRA
prebid
ib.adnxs.com/ut/v3/ 		139 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom-richaudience.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9af2e571241252feefc875c677dcad1145fe2146c76ccbd989cc4bfbc03f9ffa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:47 GMT
an-x-request-uuid
32371145-a1fa-4771-8d70-4b7ee02460e3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:50:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1989142
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9FoQXFqrCKRHIlpyLUGcuLLO8Gch%2Fmg5J9FXZOXBwPWYl6K%2B0wjTN65MTYtr53dwxPAhF8vXi1DksJEtBTyqwY4VO1Up1Yty4mxPHbE%2Bp0facR7bFuZV3b%2BLUuY7y2illq8T2gpkd24OFVG"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
83864be4aae8038e-FRA
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:47 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
q
p.adlooxtracking.com/ 		85 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2F&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Funiversalb%09rgpt-universalb-2&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard%09rgpt-billboard-3&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca%09rgpt-reca-4&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2FSkyscraper%09rgpt-Skyscraper-5&s=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fleaderboard%09rgpt-leaderboard-6&s=%2F21751243814%2C4899711%2F55034-300-250-1%09andbeyond3001
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b54468ec1cdd0686c619fa6353b05e6c1d2b86faf064ad2199c7b323aad7d2a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-adloox-pubint-version
20231220012753
date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
178.162.209.137
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
6850fd807-dirty
server-timing
conn;dur=0.008, ua;dur=0.026, segment_pipeline;dur=0.219, segment_ip;dur=0.006, segment_iab-valid;dur=0.014, segment_iab-spider;dur=0.876, segment_bs;dur=0.004, segment;dur=1.316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=928
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Wed, 20 Dec 2023 07:50:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602116451209563&correlator=2498148455800219&eid=31079240%2C676982961&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21751243814%3A4899711%2C55034-300-250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200&fluid=height&ifi=6&didk=4118059834&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D94f4042a76b41bc1%3AT%3D1703058620%3ART%3D1703058620%3AS%3DALNI_Mb0CMxwkMI8K3y9tdOfthoexo6tbA&gpic=UID%3D00000d23e72c9c88%3AT%3D1703058620%3ART%3D1703058620%3AS%3DALNI_MZ38PZJdxc8pOZ13oXFFlC11mrq2A&abxe=1&dt=1703058648236&lmt=1703058648&adxs=1033&adys=951&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=177490872.1703058619&ga_sid=1703058620&ga_hid=1817974858&ga_fc=true&ga_cid=959330799.1703058619&a3p=EhkKCnVpZGFwaS5jb20Yvf7QscgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjL_9CxyDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBi9_tCxyDFIAFICCGQSGQoKcHViY2lkLm9yZxiG_9CxyDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Yvf7QscgxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWNHdFZOWHAzUldwUmJsTnJSVGxhWWxoSFZTOWlRVDA5SW4wPRjygdGxyDFIAA..&dlt=1703058618508&idt=1533&ppid=4f082f52eb4055479340a8418e752d04&prev_scp=adunit%3Dreca%26prebidtrue%3D0%26hb_width%3D300%26hb_height%3D250%26active%3D1%26visible%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1&cust_params=refresh%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=188470076&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b5b12f9317278da291368890d1426415eceea3333c9d903f4113ce7b0ffc67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12433
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 500C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:20 GMT
expires
Thu, 19 Dec 2024 07:50:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tfav_adl_532.js
j.adlooxtracking.com/ads/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4192 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c126411169021a699eb16ebddcbb12f53fcb9a66007c85b474f81d77c6dd9aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3156
x-guploader-uploadid
ABPtcPpqGf7WDU0GJ90186ZTh9IvdRYDSCiVJZMvi-198XExqfCa7lq8ydGSZAy9eUsgrSwF5TyRfkBYGw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Nov 2023 10:23:31 GMT
server
cloudflare
etag
W/"debf2e7b81a350b1626854ba792819a3"
vary
Accept-Encoding
x-goog-generation
1701167011399040
content-type
application/javascript
x-goog-hash
crc32c=sMbcXg==, md5=3r8ue4GjULFiaFS6eSgZow==
cache-control
public, max-age=14400
x-goog-stored-content-length
76735
cf-ray
83864beb1b89912e-FRA
expires
Wed, 20 Dec 2023 07:58:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C9AB 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 07:50:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 500C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 500C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3PBHYnyumJplj1ZTYI2QMthokWnUgoiuyZMFNrRQoHtS0GooPrqwS11B7Y4PvPcL_oWQp2P5U48O7q2l44LlRMBMsqgCug--3RR-1QjIaNoZRiz8
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 500C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
65520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 13:38:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 500C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 500C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMM1lu4KlORNeRq7NvU8ECC4_cUlmPQ1X8XPF0UxcMoZM4s6oT-JlF9ugk1SMDI-3M90pgTnEGfLNsIqqA1BP3j0lHIg
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 500C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 07:50:48 GMT
ic5.php
data00.adlooxtracking.com/ads/ 		88 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=1193&client=and_beyond_media&ts=pg-32755~1_fo-32755~1_vpw-32755~1600_vph-32755~1200_scw-32755~1600_sch-32755~1200_sco-32755~1_sca-32755~0_srx-32755~0_sry-32755~0_ev-32753~sb.32755~rp.32755~rvp.32755~rap.32761~ss&att=0.0.1600~1200&visite_id=75289002251&seq=0&timezone=-60&js=tfav_adl_532.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=andbeyond3001&id2=%2F21751243814%2C4899711%2F55034-300-250-1&id3=0&id4=0&id7=300x250&id8=https%3A%2F%2Fwww.sanook.com%2F&id9=DE&id11=%24ADLOOX_WEBSITE&p_d=0.008&usp=1---&fai=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fwww.sanook.com%2F&activetab=1&cf=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-f57d574b8-ntgmj
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
rum
dsum-sec.casalemedia.com/ Frame C9AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V1yzR%2BB0G15B0bO0FuSL5%2BD3Sn4ANZqQ%2Fyl0F825Jv4HwPJvPqCcSjt21fXadtSCn5%2FsNd0D2Rknq%2FRXZ9IVQEgiJkgsucraCCetwCstveGLgCy63N8HMjuwiYIpOAnRk6xfC9K%2BALwWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83864bebc8842bd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C9AB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKcvGXeAy9bBapzKW59LwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjRA67Yp6YfOXKKz0gbhv%2BZDDp%2FEbOFFOwXhPKOJJMRgcJyrZWJi4VSKytjIiOZWjISyX87T%2Fyf2YMuzAmwwIT0RoPtO8tMIOi3ioWJ859bIskp6vcZSkt1sO4YTNcIDdyoybEqNs%2FyVXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83864bebe8a42bd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIZ2UExngOxJVXRz1bqWxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C9AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEObA-XGnbUOxV8E9-w3nMVI&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA-XGnbUOxV8E9-w3nMVI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
an-x-request-uuid
3ce7fb5a-ee17-409a-977f-fceabea2fc24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA-XGnbUOxV8E9-w3nMVI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C9AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NTIxMjUyMjc5Njg5NTgxMQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NTIxMjUyMjc5Njg5NTgxMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPbI4PkBMAE&v=APEucNV6r3Kyih-mV-GsP4RyBMHbd8sT8VwcTDgWadFZY3pfhY9MjtGFSJRN27atzO7oTTneR3fdMqM5hUZbJl44mK0JLSDdl6vDWaJm-j5S71F2Pwn2PVL2U0bT0p7i5IDAw5uVdqizWdjvW2T2xIxAZQqRq-kD4w47QZGjF8dhHD0H2yxlMvY
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
an-x-request-uuid
1f50e8e5-fd23-4b2e-ab01-5c4fea64ff6d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NTIxMjUyMjc5Njg5NTgxMQ%3D%3D
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 500C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1830546298379&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 500C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1830546298379&version=m202309260101&ct=76&x=1&cor=1982051188129038800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 500C 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a87dd6dc8d0ff01fc3786b4f6fbd34142ad05caa1ce524d15799fab73680081d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41683
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1701938/75545082/ Frame 500C 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1701938/75545082/skeleton.js?ias_dspID=3&ias_campId=1014402368&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20630548969&bidurl=https://www.sanook.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j-eSh_baZZ8e3uPfZ_otwH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.22.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a1f7d11749db8df0d0179178998905bbf108f7d1f20f1a2b4926c3f234d209d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 500C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
22019
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 01:43:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 500C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 23:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
29213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 23:43:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 500C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhlGKpr_6iQac7R6180GEBiTQ7QFKON8fdGxk2MbqbiVRr7BgFxe-Ve52vGwYifWVX6xLiZzkDA-P-PX_scmdy0fqjJijz-g07JTlt7yQhloVxoCFfLTZr3Fj-96-Tj518MHwXKHnrti1w1Jl3SEI6stKnzZ5CCd2TEpsNn73C5S_zpOMwl-vf7Mj7lpYVOQwL1B42pHzTk59RKiC34gEwtE86cy2qMFeGEPuwqp-YgDGYfGo3mQvkR0qLbRsn0crSOcCpIlDs2_GexfaUi6cuO2qEtS1LVKw6S3svDsPI_atd3NNfDWDd9r1JNX8tt9N3DZLZDBWlXO7FK9M_0H5sNNeEDTGntPWBSZtiI26ffL3ojDJlRANm-1LpwEqdEkMIPVPD1gTePA-bOeYn2sCX2hfaKWl2Mn4GcP_7bibAIUIJV0Z_Pzl0-h8VCGmA0aLxSSjNQoxa8mmqVsHPc5AjqQGbEfP9c0g008eZ4d-PTIRytaoWMRs-TjOFUHeYQufa8jqzavz-5wSHhs--NU8B_rHEcoYgQlHYTLtN0WxpyLTxHTdTjc91z6QY7ToO2JPFkxEixJ1ekJmrVCpPYen5uJDZ9tkTMUwv8QsYg5Q2e87sQl9Y5WkwyPYejpvlzfgPToPCX2w3TEGvUhKKiYPV5h7dBtTyqUARx5v40PLsptstU3SIL-eBqZlKYoYgtbWI5g4Jc6VKvLTLYocQou1RtNAeTShfKXjMlXFZrx_L7eBEPWNlD2E-BK-XggOfQr_txPwuSfItTFPU1NmGu-_izsUzGVUahEVdcdjnK4qJW5RNdtAFcAE2mqGllbTB1gzuge17XxeuBwgRvMPwqtv1WJ41kcTv2HWKR6pK5RkbblvKF0bMlLkcWGATfowKkrShEPC5cuFzCCBv5yBjRBZLIG8SOadv-9Flp6V6um-uiLsi88nfQlf2ZRs0l57ZPkvREriZ4xJK6WXD7emcphrFxiUfduMRU8OlPvF49Z08GUSJTQ84a66oOeSmrjaKaGvS9zQ6p06zypuSLQvQijNkLnu9k1KwCLEjmyMA3-EFbYZXP02bzdTYHdQqtJ69Th3Tfccwu9Gkddnmd0AbKA9itCD5yL-d0RlF8rw9JHngHTwspB3rmSCanQcZ7zoWq6T27yyHqMphJe19goTAGQEuZOIIo3vkozKUraBVjhAnI8MUx6xp-vb2RGmzM7C2eMVIgUal_OKmB4y_592asBvWLF01DN6UmzweszE0J8eosVtJ-WTjkgWeiFLVxPLFfgaObuaEufbGeOaC4mbBMN5V6zx0-bALD43VVBnNv_wTd55DtcnfEvtAJHtvKuGfwX-oj7OQqv6XdhgHpWK0qJIUbfjW4JMEeg8MalPJJECu7ysBROZnv3bjwoqtAa6GuhzzYGuCgrcxeh5gc34LqfRMvQ4FloYrZNOLg-eLbI8SP3lXvyyzVLW71E3IXMA263mdG7agMNCJh8oA2JVdlRvxv5W1YSvAC33NhmzqKw&sai=AMfl-YR5c9gn-ChwcuuGOZii--cjIIuMzkiihzagKJgNbwPK9gu5NvCOF9xEKqo0LRNjAvUWNRjc0iagAI8eD01WGYN_B1I0WuhRHLxnJdx3V9x-v2DwiIzAPwQQ4TKVrApx5tArVicjDZ7QtCYVDVFv0ItW_EVDMkA9tmjOCG8YxQMGjNX-Un1D1zqpmN5d4dRgnVC5Ls0zTAybIwZEK4VRMdFORkHKunM-2p3_X9WnYRGub2dwhpr0m3yH82_N5tAoXH4ySxU&sig=Cg0ArKJSzKXKqq0E8oNqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.07795&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Dec 2023 07:50:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 500C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
395141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
11281987606165646059
s0.2mdn.net/simgad/ Frame 500C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11281987606165646059
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9165c80da56686b2a76368c54c8278662471d3c932fe6dced53ef01b327927e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:16:26 GMT
x-content-type-options
nosniff
age
506063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 15:39:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Dec 2024 11:16:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 914F 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64879
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Wed, 20 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 500C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2bbee18905a06e3899c21b5437cf261698ac93e723593050f3d257415514633

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 500C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhlGKpr_6iQac7R6180GEBiTQ7QFKON8fdGxk2MbqbiVRr7BgFxe-Ve52vGwYifWVX6xLiZzkDA-P-PX_scmdy0fqjJijz-g07JTlt7yQhloVxoCFfLTZr3Fj-96-Tj518MHwXKHnrti1w1Jl3SEI6stKnzZ5CCd2TEpsNn73C5S_zpOMwl-vf7Mj7lpYVOQwL1B42pHzTk59RKiC34gEwtE86cy2qMFeGEPuwqp-YgDGYfGo3mQvkR0qLbRsn0crSOcCpIlDs2_GexfaUi6cuO2qEtS1LVKw6S3svDsPI_atd3NNfDWDd9r1JNX8tt9N3DZLZDBWlXO7FK9M_0H5sNNeEDTGntPWBSZtiI26ffL3ojDJlRANm-1LpwEqdEkMIPVPD1gTePA-bOeYn2sCX2hfaKWl2Mn4GcP_7bibAIUIJV0Z_Pzl0-h8VCGmA0aLxSSjNQoxa8mmqVsHPc5AjqQGbEfP9c0g008eZ4d-PTIRytaoWMRs-TjOFUHeYQufa8jqzavz-5wSHhs--NU8B_rHEcoYgQlHYTLtN0WxpyLTxHTdTjc91z6QY7ToO2JPFkxEixJ1ekJmrVCpPYen5uJDZ9tkTMUwv8QsYg5Q2e87sQl9Y5WkwyPYejpvlzfgPToPCX2w3TEGvUhKKiYPV5h7dBtTyqUARx5v40PLsptstU3SIL-eBqZlKYoYgtbWI5g4Jc6VKvLTLYocQou1RtNAeTShfKXjMlXFZrx_L7eBEPWNlD2E-BK-XggOfQr_txPwuSfItTFPU1NmGu-_izsUzGVUahEVdcdjnK4qJW5RNdtAFcAE2mqGllbTB1gzuge17XxeuBwgRvMPwqtv1WJ41kcTv2HWKR6pK5RkbblvKF0bMlLkcWGATfowKkrShEPC5cuFzCCBv5yBjRBZLIG8SOadv-9Flp6V6um-uiLsi88nfQlf2ZRs0l57ZPkvREriZ4xJK6WXD7emcphrFxiUfduMRU8OlPvF49Z08GUSJTQ84a66oOeSmrjaKaGvS9zQ6p06zypuSLQvQijNkLnu9k1KwCLEjmyMA3-EFbYZXP02bzdTYHdQqtJ69Th3Tfccwu9Gkddnmd0AbKA9itCD5yL-d0RlF8rw9JHngHTwspB3rmSCanQcZ7zoWq6T27yyHqMphJe19goTAGQEuZOIIo3vkozKUraBVjhAnI8MUx6xp-vb2RGmzM7C2eMVIgUal_OKmB4y_592asBvWLF01DN6UmzweszE0J8eosVtJ-WTjkgWeiFLVxPLFfgaObuaEufbGeOaC4mbBMN5V6zx0-bALD43VVBnNv_wTd55DtcnfEvtAJHtvKuGfwX-oj7OQqv6XdhgHpWK0qJIUbfjW4JMEeg8MalPJJECu7ysBROZnv3bjwoqtAa6GuhzzYGuCgrcxeh5gc34LqfRMvQ4FloYrZNOLg-eLbI8SP3lXvyyzVLW71E3IXMA263mdG7agMNCJh8oA2JVdlRvxv5W1YSvAC33NhmzqKw&sai=AMfl-YR5c9gn-ChwcuuGOZii--cjIIuMzkiihzagKJgNbwPK9gu5NvCOF9xEKqo0LRNjAvUWNRjc0iagAI8eD01WGYN_B1I0WuhRHLxnJdx3V9x-v2DwiIzAPwQQ4TKVrApx5tArVicjDZ7QtCYVDVFv0ItW_EVDMkA9tmjOCG8YxQMGjNX-Un1D1zqpmN5d4dRgnVC5Ls0zTAybIwZEK4VRMdFORkHKunM-2p3_X9WnYRGub2dwhpr0m3yH82_N5tAoXH4ySxU&sig=Cg0ArKJSzKXKqq0E8oNqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=26&vt=11&dtpt=25&dett=2&cstd=0&cisv=r20231207.07795&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMcyECf6v5V3t1GhuVsdHxrIcayLrmgUmRZX9XLntTqEgyolZVkfc4bmNuXeiKCEKi1RubXGx8yboRYre-3AL8gDnO7zd9CWVlmlmtL9IkNi-l3aALzHrLDy3FuufQEtlXPVqJI7w71vacdcOLZk7NXVDpm7F5K5B4qZE5P0m9jMDFiQ4&dbm_d=AKAmf-ApkotiIZjRsJX0yTXkEmx3iTPVhwXy1WWxfkfaMCIhmgWdujjKdwYw8TSaxnWDKnbHIJ-vXpO0lG4ot-83DuO60QT1O41f6855IeRsZmRKePMt7D-st6sA7qtzoLMPP_2FyUiw-BC0RdXD1XMAMYXZ1fmbFjJdHitVGhBeji1Bp9bvHOweLX4-3xBgPr3WyjzKj8KEkidvCBc2mjfKpRJGyenwma_Vw_gwNU0c6fcnkYce17qwH7hmPOsD7Az46K-Z-GumMcg6c9xaF0onSO-Fg03jTxEUUmrlf-xhfFnUAT2y85zBgpSM8ySZ2xB6Mp7BEkuAxyF3ose4b4Dxnltusbsgs8X2HExmoxx2dnUcwvkHYrxz09NLSOuC8Ee67uNxPkPLg1L0j1tsfsSkk79zhQnG1zPVa9NaoMV--KkXWJ8qBCKGWfGVZryVi1AeeZUGbrbnD0Cw7prqnHysTbadcC1b0CzPnAhh_YoNuD5WkXY8P3a7FZLIBYxJzFlg0ZEUXDgIaTYkc_vM-xfv1rGYSJ8RBseK3lV3H1yMt3OanT3phnDQCsRSl8EyyObcTU6J9g2IisnjzLPZEQjf9Lo412VinFxs7ZhMLTyyY1pl1bZz7HfLuA3_NN1KU0nHiasVyWEUMAajjNRr7cfpa9d9Av_EG5mJ2QGzQzaNxP9Viwiq34_R5B-uV2Zedt1eEVjP0WwVDdPFICnQSr5sg0JsQvQOfuJ0JXMM8LWF6AD_HxN6Lyj5NuceLuTd5rcXD8AASOICk8r2JF9MeGD4rkvN_x1cCoH_Rc4iSbs50IYn2wT-mXRAc6l1hLwv0nP7IKFBQVckqvwLBFR50-qZVokFsXi9A_4XWh-KI5mL8690umtYePJTl67zaRUVEGxp5j2iGEo43x3EmxPi4y8FjkV1Y8O7ITj-4hBRaO4tkqCYmt3MCN5ddZEeW-qWYKE_c2ugqr1RlNhflPUnF6x1laQ9omGJ2TcxrZelVWmuuf3BdorBbtJssxE4uXylXZKEGpFTziRJrzhi5Lq6AZ5KU3rU-krpf0mFr6xOtIAuQ8nSNHv2zCj9sABsweS9eiZEihHpxADb7aWTOugV4FZqHYofo5J2KGdtL5xSj2cZ4JutWWjYMFMj0Q9KykAC9IhM9elOrlTeoYfpcfHUym9m9agkSLh7Hn--rFlA4EvN4weXN97uRjoH6SSJjdEiiKrNoHv9jEID1UvO2DCrlcs7RHT1_B_miioaZ9HoaO9WScdFzoMl2qF8uWhraT-MhZse2MKBbzhSJVPR3hOI4IE1SiWsPhKRRD3IHQ5lmLE8_yu-1AJi_zRM-U3v422BtoLm8MwKk2U1CEy6XW8nZ7IuAvY1vBARqKpZRfoOiY-kJ2H6plpsvW-2orEFutwNqLH741xYquQPfia-Sbr_YD2TIkmejrz79vmD5QAPPH2sUe0Xt6fXlvHwYadJZIZtsK1kPOouQKld4dMQGYgBxHsSvYrFHQaRcCl931VsPf8hdXAUWTDbrpjjys3yaWnTyuWp0w2ba34iOAI-9KrUsPJ_ayOfeSOurkxJIeSMIbRyRTdRpG_wJqu4pvAeuqNISAsPjUe6NiFkXpTLTJNUV-iQoVaQ4jZZHokBx1vdiTxeoBh21erqTUHYVmra6seRU1Vrj61l9BSC3zvytT86b1E1_Tfk2FHR8Wgi-wyaMG3xx5WVnxiliMocCsS52chtXH6COxkUpvRD6a4EFoWeai7nRQLRTY39-D9W3YUMJAcZewubK4l607WPWnEQ2UT0G2VmFZIBeTwrWSJ508vmAV3ScM1sCKHstK0MrFV_eqshtqEy25rn5TPJBZM8pLxT6klwF9q0vLW9wiwRCpW823dlSayg4dYlresW9frUHJPT9y7J_eriyoO-0pjXKGw53e-cw3VR1V4dvZi_K_an1o691Lolb-9yJhCFjM0C3kWLWHQQDVniJ8k7tqUhWT1XdVz5_5EIPWplmLqngDDWnL8wfAkMjeMdI9UO-FSPG6h27C61CvMZ2mwX-6D-t0JrsbS8KJ9L5kc2LJ0jYS_S3jFRNgmT3gyul-sCl2ml6WER1kiMMIYFcYgaZ-xhehWdC02cJRRKpf_lD5eAImdTuo6YvhvHmGa--7UmzgcdcBVVCR_FqyaeIavsXQ9u9qp2sUUGHZNbjBgMy9DfBGYgCQRa6akSLu8FwUz5fmurwcsauq60mNOb-5E-Xb8SqtTuV7ALFKD_Ufjm97uIuFZXye3fVjhq4tBlaM3AlDWsLbqmX5nVnEzs5HocjGMtBtvbQF-x6eEZWM5t35PFcIh6Dk021Oi8vWRzDye2IZawlMwnfEM2pSpRWIWSo7EUd1raImkKlVk9QymhzZdbRStkj0JeQrDOBQqrmjqRr2WWUCuKGGrgBUJIahGjUOKGGofPQGqF84IjPd166pDBFSUHMIMTp65ONZCnKGAJ0nTTit_cTHzq0VRd-3WAb_CXB_YJefFivdd-Vv_-2vO87TXAuGab9LxpnyMzdTQKjFrajC8q5Nvci-lXkLW1NXKRQszzmg2UkwGi4OP6Lea80zxAPoT_6QA8QqfD4nqtX7d0Eqc82KJDO463yo1aSNhTiy9siQ8ifMhtXx9MOB-V90azjU4unG_A8VeinQ-BFZ9GcT_bby33fRD5cbtQBez6UlQ0MsxccHQHYH-KRDAW5FR4RQPeXR8Ln4MfzzMnh8_PyvRo_iVIXAUto5MNXsIq9Ny_oQOMWQGeaFS-MqSHy4xECzkBeIHfAJQLskAyhGWMKI9lYEa1h43D1ovTYUXnNJxl3Mx172k484FhdTcm-uqmI9chIcJ4pQR11sGfg0NCzEV3uhE_hMI5EIoPaFDbOUxFTzAp_CXig3rbfs-Q2o10Rf-C99wZ4ztAFlh0bRd_Yk_bNML6LjncheTuhCAU_dY-q2rC5knPE-IrkJU2O7CISom92UjjZw2TNVkfSuCZbfzq_faaWFyYk4YjVrSJaaggG5XJl1X89tRQvrT1DunXk9XbJywBKZHF5QdLcHZR-kHChKpCfPDQCJQaPL8u17O85o4mnxXbtBeGqWjUpor48zF4FPEuLaHn8nqqUIlHQCs9hkBD7dEeMcTdQdBc3YTUXFExCvp_K5dio7YckIMT6ic35bBTc_dcMmFaYq7fNN07b1tEzQcLy53uYICCzRDfHc8mMBA7lcqEXwBsZTsQa5lL6AfmqM_EZPU_xy9VKbiHd7c6T70G8CO0cRuKag0hZjed7pCmD817yvz0Dah9Kdzs_De4FOZ-esC-LBx9ID0qVwrpQpci1IfVnU38qtrf_NjGDA0eajAezAwjqgNwfDyons4xONln26icAUywsBbCsgiCHQYbBMRlA8wRsyoat77_4Flls_i8WJjIRcgQxsg9xfG6r1WoSd4hCnAJq6WbPCKiApmMzCAHxhqpPOuiPSTOLCI7rOXB0cBO3uaijQtIwUNa-QmEWhIfl1aoY-BwOVgEMQk-QVES67aAvbhXYPM1oBscw3uXdlvh2TyKieSTASKsERDg0vMkYWgllYEdbtFmwQngxSdymB-MQNxEutj1sJB9Ymiu95CNU3HjyzARWQmN-6AXcUCyAvKNnVUoF_qTFHvmkRi7dk7x-HAR4U32mL8m-9N9k10SBWHT_ZOMLftobLygKnYkftDZsXC7belbyZwn417ij5yxFQALa9JX-SWbY-EmvO-CCX_gQcbhw9v47_r9cHsv1JRqgYU4wEYw6N90e95CAwVq39cfNaK1C8AuM3FTsUWVWJNz5fs8_a_Zdu9IP-hhm9jAkGdqieY7ySiUaXsTkIfEIhzEDNO17ATGV8Zwn8VoStR-h9KoCS-0Dyse0QpL0PnyQx807hfv4mq_6Jj2syUuGdRE8ucYGboTlHDgDlL0AR5QaOlEVovwTAaoHVJvfFM5h-jo0ZW8FvWAONYPMhVLJHKchL77-CVn2EcktkepET7P5YXy1qzAnHltJMn3DNw76IPmgiKS7tZFZno0NS5UFDqxJZYpNjozvPeqI-Y2vAPhSYrR444HgtYP4uWn2EsV6-bdkZw31kQRaGt2H2qZde-f_QIY_dvN9a8WLE4LIiRAxodMtXSetai2I-FcfOsfRm3in1akhbmSGMkaLFwzNrh_GFP7AJATjMPSGbYau41Ru6w77tZvHn5JQHyAdqFE9wVNF3BxVbFkcc-8uGL38dAyoz6KrXk-3FURjl-qXTQCm-NDRhEUnmKZW4uz6-9BtIIZiuC_exF8kW6-HUnabyjnJFq_nboZggiMfitSYXgOdv6L8ASLAFTBf01kFYhjpVDHdnT7hRxtpvm7p8OSz8XSuZeHffQ3ERcdVkgC6DhHjHp5nOHvkNY4sA8ZD9GUEZEJ8mEgrmmEuvu9DgsU0CWbm0qWdqPdP6kdIMrR1OabzQcWOItVDfKveyYquzQMPwM5mCKk9MVHXAMcDfw1prkNt4DnJDfw0d32glCkh_DkJA4djxO2f10tDjQrDtfWPFZCP_LPDqPT-hChpa-yF3PEiZpsXpI5sqRRT30w6tTcICyout2WCgI8wbOwh19LR36531mrRgIDJym_TfoG4hgR68zx_owP701utqebVhhz2s1jN7G_KMaQyxEOT0Qn-uomNLZ3WYUtnREQEYV-NNvJJCcfyhkhDh5J&cid=CAQSPAAvHhf_hHU_9ebkOyF1MG6M7Q5iGeuN3MY5xbRLdf2vuUnfAiTnX2OCu95GIlte29PF9EDxjtO6w94QuxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=1982051188129038800&adk=2975593753&idt=130&cac=0&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8C3B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
81442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 914F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDC-1uXHYWJRWtBgOEc9G0w&google_push=AXcoOmT6JdmdHj2VYu9OR8zT7-3jML3fCNmQlM7U53iWDPR1ksyxtyH3su...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDC-1uXHYWJRWtBgOEc9G0w&google_push=AXcoOmT6JdmdHj2VYu9OR8zT7-3jML3fCNmQlM7U53iWDPR1ksyxtyH3susokB_8iQuP3bPlCuTVXP-50jCD-FXM7jPiZO1O2Sk_
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220062-FRA
pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1703058649.109896,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDC-1uXHYWJRWtBgOEc9G0w&google_push=AXcoOmT6JdmdHj2VYu9OR8zT7-3jML3fCNmQlM7U53iWDPR1ksyxtyH3susokB_8iQuP3bPlCuTVXP-50jCD-FXM7jPiZO1O2Sk_
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 914F 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENH-qBniKMGUioRA5rvVXic&google_cver=1&google_push=AXcoOmTU_U0IXcEyJJ-uhvIcX5FIBASxvaGN33KFQdYnnbSYEe2X05MmqWw5rY1v2wnLwR01VoBP_rkOlc2o2NMtl4agcIXf4UPh
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 20 Dec 2023 07:50:48 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/ Frame 914F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPEys-axFZ9GyUR3E1tvuIA&google_cver=1&google_push=AXcoOmTYBH3z-sz90kQtzVtvHqhCFgMCVPV06VD7knznyz1Z3h_hPqHIbDv6WZecEowHGxI2BFxBFX7T2VxKEtR455hsMO8VXEH-
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.66.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 914F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELCmx638Q5PHqPcNy2gK8Lo&google_cver=1&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDe...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELCmx638Q5PHqPcNy2gK8Lo&google_cver=1&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8w...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFm7sKnEufEoVXByZBz0dYq1kKZg_Pe3fW6ikBWN3-eB_uziTVMIy-g_YiA_yTPzKm3LGSeYoKSm7b7UZb6_X8wDeoAvO_
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 914F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-54555fa4-b080-4835-a2f7-ad1e9f0f04ef-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSskrsWBtmuXAhqfNIKp...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&google_hm=A1RVX6SwgEg1ovetHp8PBO8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&google_hm=A1RVX6SwgEg1ovetHp8PBO8
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSskrsWBtmuXAhqfNIKp5LQ8X7agbppccikA-QEuoZILPj-gj6qDhGN1jwckUJTyiiLRYEvopPvXqZTd9MGuNgmevqPyMCx&google_hm=A1RVX6SwgEg1ovetHp8PBO8
date
Wed, 20 Dec 2023 07:50:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX54555fa4b0804835a2f7ad1e9f0f04ef003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 914F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN3La_jqE388aunVRt6WQTE&google_cver=1&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTYwOTgxNTA3NDAxMDI5MzAwNw%3D%3D&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTYwOTgxNTA3NDAxMDI5MzAwNw%3D%3D&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTYwOTgxNTA3NDAxMDI5MzAwNw%3D%3D&google_push=AXcoOmTbVWzOv0OImZNpX3Uhkh7HugqRh_ZuXgACQ0DM3ZxHq5P5CLwPzuPhiS00J3UEoVpfOiKMAJp6Rg_gaqFzFD_U9GzXW3U
date
Wed, 20 Dec 2023 07:50:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 914F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECtc_w2OOXUtUoeV1zVnjOw&google_cver=1&google_push=AXcoOmSG-C85ZP4xgE7tanICFKIE-EO9Xwh0FMGqxjibTW5OfztPvmCvf2jQktpwk2SVu5yPXF8bI2d2Y-2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSG-C85ZP4xgE7tanICFKIE-EO9Xwh0FMGqxjibTW5OfztPvmCvf2jQktpwk2SVu5yPXF8bI2d2Y-2LC0LhoKp3KP9btcUu
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 914F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjI7e5-65TonB3xwiRR5bre-C3gDc2FYH11YiAye6vECk3gQBQHRVpgPh5JXGNzVNZUVFi-w
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 07:50:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8C3B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
81042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 09:20:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3602116451209563&vrg=202312060101&nw_id=4899711%2C21751243814%5C%2C4899711&nslots=6&eid=31079240%2C676982961&pub_url=https%3A%2F%2Fwww.sanook.com%2F&qid=CN7pjO7DnYMDFSUWVQgdnpwP_Q&iu=%2F21751243814%2C4899711%2F55034-300-250-1&e=0&ret=300x250&req=320x50%7C300x250%7C250x250%7C200x200&bm=0&efh=0&stk=0&ifi=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C3B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeJW72JyCZZr9PPypjuwPi-2Z0AsAAAAAOAHgBAI&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfOO4FhzJi2cCYAoAMAo9lFHeUHfxN5hhSnD4glw3VL0AQtKi9kQJtRGm-uPFavsftAgAAADdSAAAAAWgBB5kDQfg3K11GRseg046PktPmkEUc3xW4HTNLxSKJgG5U7_ESwdj8CW2XPrwKRjB-U--n_sc8g0E7DKJSWaAm_45rWhlsBlj3wtkRYjL5-IYwY8YwB5jxr55R-3q0ojec9zW0jaKpA4MAN1oi6PLh9r66_9ymkQnWrcxJPCkbNTH9xYxSQYcXuO0FbI4I5kZS4pAdVprUSV6UOuVH5o5wo7XjMV4DA1-9DIQqrbzkuyQ77lEhkRG5EtzAfQoWlTBFF7mn5bc2aKKPHYkTyUoNEnihvlmJ-LTjKKVGnQ8C4WCzQs8C-OpT-jfmd-os8PYC8KZ6-nf1sh_YpOf7DFgtiApKe1rMtvPClgWXy1aIZE8WXNDOGiIw0jSk11F-fOA-knIKTy2RK-RC9UL_9kAQ0LRUYWjAP86qLJjDpVADvH1-LSsLaPDSQYaDzuysmOBxESFXi39fITeenl1IPxMW7BFG8HnKLcG26-cRMaFI3evwkK9tF5Ulg5ouQxecoRmnJWF5tB21ECfNFd8Jl8BANvJVRc1bV0tIIl8HtzaZY284pAQfdlfzCSZrn5pXFW3yn3ljP4aDWpaQAZYMeWBdcIViiuuDXGpZ0Hu3z3WBbkSrkr5vYnpbqLrfqJtcYwpd-clnce9E6cqbY14K0r4nALJrNdmdi99wVW1nhthhZyooAvxX0bm-TbWbbV8cQhas1JamYxl-gBeaZ1IC6MZrZMyefUS3Qwl3B632WkH8Vks9hMtdK1A84pfoZf99H0WHjTloz0A9lJXsSxYnYIPMvVitvIjIsg3BKufn3DeQ5nuu_3o5tjVBIjq6_3hO1K47cGmwInEXueG5ng--3QRLtSIFtuju-FWAGxlrZhvMX-lF5pUa-ou9vWCCeN78h7i5VpQG66R5WDm-hV-WgZRCipqp9PeVU_F82qpmIIRJ8qpa2S32zM8uPkBqZzdrMm8ywhzGVFV7hxL5ebYXZUu7i-2A7D1PzwJLxTTQoOyQ6l1-uMocnAWUrsikwJ6kDz3TRcFXwMIcwZheYiXpNbVwgLkrlj2T_rkh2qsiHu09oUDI7T_WOnb1AB5DitC6tVwvL2B_sis-MOmCWC5vjb9sPGwxw_XT
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame 500C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1701938/75545082/4.js?ias_dspID=3&ias_campId=1014402368&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20630548969&bidurl=https://www.sanook.com/&...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_2JyCZZr9PPypjuwPi-2Z0As&cbFunctionName=goog_wrapCb_2JyCZZr9PPypjuwPi-2Z0As&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_2JyCZZr9PPypjuwPi-2Z0As&cbFunctionName=goog_wrapCb_2JyCZZr9PPypjuwPi-2Z0As&true_pb=
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2304:a000:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:37:42 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
562388
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
v1BZ5GmDJ-9YAQUdU_JLiL3c865-RtDExj_yzdep9uFjzhLkkeISdA==

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
nginx
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_2JyCZZr9PPypjuwPi-2Z0As&cbFunctionName=goog_wrapCb_2JyCZZr9PPypjuwPi-2Z0As&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1749 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:a000:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
24732751
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
E0eDxvOCksq_StJmQ_iFZmXAOAXn3qjFovRiT-HT7C_wuaQCzg3I1g==
dt
dt.adsafeprotected.com/ Frame 500C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1701938&asId=e2a4f5b4-b4cf-6c64-c205-f820b0ae8978&tv=%7Bc:xkdaCs,pingTime:-3,time:30,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:12%7D,%7Bpiv:0,vs:o,r:l,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:31,n:30,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~1,0~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYXOx4S+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.1701938-75545082%7C1p1%7C1p2%7C1p3,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:13%7D&br=c
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:555f:ca72:a70a:758f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 500C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1701938&asId=e2a4f5b4-b4cf-6c64-c205-f820b0ae8978&tv=%7Bc:xkdaCu,pingTime:-6,time:32,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:32,n:30,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~1,0~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYXOx4S+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.1701938-75545082%7C1p1%7C1p2%7C1p3,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:13%7D&tpiLookup=ao:www.sanook.com*&br=c
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:555f:ca72:a70a:758f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 500C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1701938&asId=e2a4f5b4-b4cf-6c64-c205-f820b0ae8978&tv=%7Bc:xkdaCy,pingTime:-2,time:36,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:604,beZ:605,mfA:607,cmA:608,inA:608,inZ:610,prA:610,prZ:614,si:617,poA:618,poZ:631,cmZ:631,mfZ:631,loA:636,loZ:637,ltA:640,ltZ:640%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:12%7D,%7Bpiv:0,vs:o,r:l,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:36,n:30,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~1,0~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYXOx4S+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.1701938-75545082%7C1p1%7C1p2%7C1p3,idMap:1p*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:13,sinceFw:22,readyFired:true%7D&br=c
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:555f:ca72:a70a:758f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 500C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1701938&asId=e2a4f5b4-b4cf-6c64-c205-f820b0ae8978&tv=%7Bc:xkdaCZ,time:63,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:26,o:37,n:30,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~1,0~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B7~0%5D,as:%5B7~300.250%5D%7D%7D,%7Bsl:i,t:37,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B26~75%5D,as:%5B26~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYXOx4S+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.1701938-75545082%7C1p1%7C1p2%7C1p3,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:13%7D&br=c
Requested by
Host: 18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
URL: https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:555f:ca72:a70a:758f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 07:50:49 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 500C 		0
0
weir.jpg
s.isanook.com/fi/0/fp/393/1968545/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/fp/393/1968545/weir.jpg?ip/crop/w555h333/q80/jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:14:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
x-cache-lookup
Cache Hit
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Lego Server
age
0
content-type
image/jpg
cache-control
max-age=2592000
x-nws-log-uuid
12031771169801421309
accept-ranges
bytes
content-length
44052
expires
Fri, 19 Jan 2024 05:14:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHUSdtBFj3PTRfpvuhPDXKSYRGuYhGKR1T18LdmfLJhn3KTwh9-BiYkf7Hkg8F0f_wHM8zhjridnUd_hE2L9K5f6He1wm9Lx5ezZKOYYLL4mbFwZyZyuVPVn1XKK0nFiWCe4HpZqU7OkWpJSQg82UaafSc&sai=AMfl-YR_mbf1HlJ6UPRn1ZfWdsScSMeQ9pUaotig6jfU6O2PWq_YOy3LZaJRg1ohgLhX8cDPwgbvZU91r5t_Lzfq-k0PTwh3_tF2UW9rhBIHync2it3t_QovODZ-OuOI2afE7my3CC9jt5tRghbG3nYC&sig=Cg0ArKJSzFxtLFfWIghqEAE&cid=CAQSTgAvHhf_nuUp5SMi1ZrZ4yV_Im09gh7jXMdxBXndfTiTF3FJCWXcp5JHYMgreVSBidyIz90csl7EdQPcLWth5MIPTaZNerMj6yiSXfU5CRgB&id=lidartos&mcvt=25546&p=950,1033,1200,1333&mtos=25546,25546,25546,25546,25546&tos=25546,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1703058621755&rpt=416&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1701938&asId=e2a4f5b4-b4cf-6c64-c205-f820b0ae8978&tv=%7Bc:xkdaIp,pingTime:-10,time:399,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703058649632%7C%7C1ac4e9800586ed085a4ebe331062a1c3%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cea4acf023dd546c3ac2a0f15405f5137%7C%7C442a1a48659c96118cec4c39f93abd1d%7C%7C48e193bb42cdc4d77446eaf8801246cb%7C%7Cb8fcd56e94ae72a32686f52cda55614b%7C%7C5804b122621b1f78e1f0669fdc66f8ce%7C%7C1663701684%7D

Verdicts & Comments Add Verdict or Comment

972 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| documentPictureInPicture object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL number| m function| fbq function| _fbq function| Hood object| __tblPushGlobals object| _taboola object| _taboola_notifications function| showTBLPushPrompt object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_145 object| Criteo object| Criteo_145 object| NREUM object| webpackChunk:NRBA-1.246.1.PROD object| newrelic function| NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL object| google_tag_manager object| google_tag_data object| ad boolean| adblockTracker object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| _UA-8147095-6_sendHitTask object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| __consolidated_events_handlers__ object| googletag object| __BUILD_MANIFEST object| __SSG_MANIFEST string| DataCollectionObject function| datCol object| PWT object| innityDataLayer object| _comscore string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName string| key object| COMSCORE object| ns_p object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 object| ggeac object| google_js_reporting_queue boolean| google_measure_js_timing object| msgData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id object| Criteo_identitytag_145 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| ox_esp number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult string| timezonename number| newunitcallback number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block number| prebidurlbind object| adUnitsregular object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| geoedgeinterval string| url1 string| country function| adloox_pubint_timeout string| toisiteurl number| windowwidth1 number| geoedgeinterval2 number| localandbeyond number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval2 object| isMobile1 string| osdevice number| randomvaldatatest string| url22 string| urlmob1 number| globalcount number| sanooktest1 number| globalinterval function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit object| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid string| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value undefined| label object| adloox_pubint object| ignore number| current_time number| refreshval number| number5 string| Ct string| At string| cd35 string| cd36 string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ number| iframe1 string| iframeid number| len string| pos123 number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| size640 number| size480 number| size1150 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp21 number| sizehp22 number| sizehp23 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json string| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| d string| timezone number| current_hour2 string| safeframe number| custome_axt number| nextactive object| PublisherCommonId object| au boolean| cc28f190-7578-402f-8e61-5aa1f1ee29ad number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| newflag number| diff number| flagnewone number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergptSkyscraper5 number| activergptSkyscraper5 number| time_refreshunitrgptSkyscraper5 number| nextnumberrgptSkyscraper5 number| passivergptleaderboard6 number| activergptleaderboard6 number| time_refreshunitrgptleaderboard6 number| nextnumberrgptleaderboard6 number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 object| GoogleGcLKhOms object| google_image_requests object| request number| flag_active number| flag6 number| factortier1 number| factortier2 number| factortier3 number| size250se number| size200 number| size1050 number| size159 number| size360 number| size10501 number| size980 number| size1003 number| size80 number| size70 number| size468 number| size1090 number| size60 number| sizebillboard number| size363 number| size256 number| m1 number| m2 number| m3 number| m4 number| m5 number| m6 string| adunit3 string| adunit333 string| adunit2 number| countrgptreca4 number| tempval number| strategy2 number| flag4 number| status300new number| statusrgptreca4new number| stat string| id2 string| andbeyonddivrgptreca4 number| andbeyondwidthrgptreca4 number| andbeyondheightrgptreca4 number| countandbeyond3001 number| activeandbeyond3001 number| passiveandbeyond3001 number| time_refreshunitandbeyond3001 number| nextnumberandbeyond3001 number| counterefreshandbeyond3001 number| startdate number| mseconds number| crontime object| timerefreshand number| status_bad object| id1 string| aff string| pos1 string| text number| width1 number| height1 number| width2 object| andbeyond3001 number| strategy2andbeyond3001 number| strategy2widthandbeyond3001 number| strategy2heightandbeyond3001 number| strategy2typeandbeyond3001 number| strategy2counterandbeyond3001 string| adunit2andbeyond3001 string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp string| temp_val number| tempnetwork object| temp_net number| videoa9flag number| widthidandbeyond3001 number| heightidandbeyond3001 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond3001 object| sas object| apntag object| _ADAGIO number| videoflag object| videocode string| idnew12 number| videounit string| contextvideounit

62 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDjFg
.sanook.com/ Name: _gcl_au
Value: 1.1.1368951224.1703058619
.sanook.com/ Name: _ht_v
Value: 1703058619.2551722232
.sanook.com/ Name: _ht_s
Value: 1703058619.2
.sanook.com/ Name: _fbp
Value: fb.1.1703058619160.2121220908
.sanook.com/ Name: _gid
Value: GA1.2.959330799.1703058619
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnygISf1f8Pat_vbtMVs1bTNz38W5UUyrPBcyzgR5hEqvOKdp-4HP9rjPls
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: E9EEA7AA.1
.sanook.com/ Name: _ctout45879
Value: 1
www.sanook.com/ Name: verify
Value: test
.criteo.com/ Name: uid
Value: 5acef18c-7396-4038-9c61-0c42f85ad614
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.sanook.com/ Name: cto_bundle
Value: ms3NH19QTEg3bXBFNTJhalBPcHhqNDROSEZoQThQNHIlMkZMSEglMkZQYjVBSVcxYjRvZWt2emdpejluUGt6ajJLVG11SHV4bU9KY3R6UmxHbVNkSFlwJTJCQXhJYlVWbFhTZHZqR252VmRlaWdiMHFCSGRzd0xRUEUySFExVllPJTJGeHhtZkF4M2VLTFJTUm5VdUV3U1olMkZXeHFZNmxva213JTNEJTNE
.rubiconproject.com/ Name: khaos
Value: LQDH4PI0-Y-BHNF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpX/zUmQu9vLC+IXqvPVzt4X6LBWwGzep2k2NKlEueGiEjTBqk89zQDQ6V1Ny0w888jft+xAT1+NiYbB5SW5XQ3876gXU9t9lMijy0RC4Zd8Ri5j99IjSR+
.adnxs.com/ Name: uuid2
Value: 1555212522796895811
.casalemedia.com/ Name: CMID
Value: ZYKcvGXeAy9bBapzKW59LwAA
.casalemedia.com/ Name: CMPS
Value: 5240
.casalemedia.com/ Name: CMPRO
Value: 5240
.openx.net/ Name: i
Value: a64539cf-0123-4274-a413-d65b5c653f6c|1703058620
.yahoo.com/ Name: A3
Value: d=AQABBLycgmUCEBZt0ZsEKG704sxTJY9a--oFEgEBAQHug2WMZQAAAAAA_eMAAA&S=AQAAAkPkBfWlBjK1qVtiqqaEvy0
.brand-display.com/ Name: _knxq_
Value: 3e0fdf1d-fd6f-4f9d-3f485a6c.1703058620.0.1703058620.1703058620
.innity.com/ Name: iUUID
Value: cebab5098f437480bc1cd9471d29bf04
.liadm.com/ Name: lidid
Value: 65abd51b-1bd0-4494-ba36-27fc6af8682c
.sanook.com/ Name: __gads
Value: ID=94f4042a76b41bc1:T=1703058620:RT=1703058620:S=ALNI_Mb0CMxwkMI8K3y9tdOfthoexo6tbA
.sanook.com/ Name: __gpi
Value: UID=00000d23e72c9c88:T=1703058620:RT=1703058620:S=ALNI_MZ38PZJdxc8pOZ13oXFFlC11mrq2A
.sanook.com/ Name: iUUID
Value: cebab5098f437480bc1cd9471d29bf04
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1703058621767.1703058621767.1703058621767
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 241242896.225.1703058621767
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.sanook.com/ Name: _sa
Value: SA1.2.1949871162.1703058622
.amazon-adsystem.com/ Name: ad-id
Value: A21cOOj7gECFtBcJlCsKuwQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: APC
Value: AfxxVi6QC4h5b70LLvDserl9xWp2lwZFECbLpH7X2nOgglJEzbp5gw
.rezync.com/ Name: zync-uuid
Value: b56389da-8c74-4b6b-95ea-33bb0d75d282:1703058621.9797497
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjQxMjOwtDQ3NhDiM9SNyE5LcjM3y0hKrHICAMMUkIglAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRWAMAgFwIvt4CNsH-wmBBuxcme-C-2hWbMpD4yso6n83aTazQMfSXkWWNkzZN2FghV-UD7OfDoAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjQxMjOwtDQ3NhDiM9SNyE5LcjM3y0hKrHICAMMUkIglAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuw2AMAwFwAmoModR4k-ezTZxwkKUlExKh0R5dxWkdfFYg3xCSbMnhZ2DRDLrgi12PhqqVPPObQ8ENHCX7Utups_f9gJweFBfWgAAAA
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-20T07%3A50%3A22%22%7D
live.rezync.com/ Name: sd-session-id
Value: .eJwNysEOgyAMANB_6VkWbIFSfsaA9EA22SLuMuO_z-NL3gnLR_ctd-0HpGP_6gTrq90akE4Y7bfpExL4mYhQPIrDYEWYLFwTDB2jvfvS6n2KDxSlZhNXdsaVUIx4zYaoFFvZV4yYZrZkfQw4P4SFnTBcf7PIJbI.ZYKcvg.EiuqLnDGHf-wFa4zDVtf86heIOk
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-KqmJvYfLWFemnLtFIrBQtTvXortdbKbO2zPKWGqqUm20NXxyiQcWRky0LkRMe3KhCm1ltnGBrD-bXy2g9X2w1QOEKRzT0EAEINH-qKhsLB9vaUy-7dH6HaTCnI0xY9TbE7xRhPh7Eh-EirLd29vPXEAW5Yw%3D%3D%22%5D%5D
www.sanook.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1703058619.1.1.1703058629.50.0.0
.sanook.com/ Name: _ga_17F0RQM2JW
Value: GS1.2.1703058619.1.1.1703058629.50.0.0
.sanook.com/ Name: _ga
Value: SA1.2.177490872.1703058619
.aralego.com/ Name: sspid
Value: 42eeddd2-75ed-3d7c-bf20-78e4153a1609
.aralego.com/ Name: usprivacy
Value: 1---
.aralego.com/ Name: gdpr
Value: 1
www.sanook.com/ Name: ucf_uid
Value: 7e103168-fc61-4eb2-a11a-14b7cd308203
.yandex.ru/ Name: yandexuid
Value: 7996623341703058647

4 Console Messages

Source Level URL
Text
network error URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript error URL: https://www.sanook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b56389da-8c74-4b6b-95ea-33bb0d75d282%3A1703058621.9797497&_=1703058621.9820776
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18ae89f632c2c443a7de5e15debefa32.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.aralego.com
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.taboola.com
bidder.criteo.com
bs.yandex.ru
c.amazon-adsystem.com
cdn.aralego.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
d5p.de17a.com
data00.adlooxtracking.com
db4318c4b1e041c3ee245d8ccfd7976c.safeframe.googlesyndication.com
dc.sanook.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
grid.bidswitch.net
gum.criteo.com
hb.aralego.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
img-as.fsanook.com
j.adlooxtracking.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.rezync.com
lvs2.truehits.in.th
match.adsrvr.org
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prebid.media.net
region1.analytics.google.com
rtb-eu.andbeyond.media
rtb.adpone.com
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.amazon-adsystem.com
s.isanook.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
script.4dex.io
sdk.ocmhood.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sloth-api.sanook.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.targeting.unrulymedia.com
t.ocmhood.com
t.pubmatic.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ut.pubmatic.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
dt.adsafeprotected.com
pagead2.googlesyndication.com
104.18.36.155
104.18.38.76
108.138.1.25
142.250.184.226
142.250.185.130
15.197.193.217
151.101.1.44
151.101.194.137
151.101.195.52
151.101.66.49
162.19.138.116
162.19.138.82
162.210.196.208
162.247.241.14
172.217.18.98
18.185.66.38
18.66.20.160
18.66.27.18
18.66.27.31
184.30.16.195
185.64.189.112
185.64.190.82
185.89.211.84
192.96.203.13
193.0.160.130
198.47.127.19
2.18.96.175
2001:4860:4802:34::36
203.151.130.56
203.151.133.6
203.154.58.214
209.54.182.161
213.155.156.180
216.52.2.86
23.197.10.19
23.201.255.110
23.212.201.53
2600:1f18:1aca:4282:555f:ca72:a70a:758f
2600:9000:2240:1200:2:d490:4d80:93a1
2600:9000:2304:a000:8:48e:53c0:93a1
2600:9000:2447:6600:a:e047:753:a221
2602:803:c003:200::45
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:4192
2606:4700:10::6816:445
2606:4700:20::681a:467
2606:4700:20::681a:7e4
2606:4700:20::681a:8a9
2606:4700:20::681a:b19
2606:4700:20::ac43:4a81
2606:4700:4400::6812:22b2
2606:4700::6810:5614
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c1d::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::90
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:7018:7dc3:a4e8:e820
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.107.231.31
34.120.135.53
34.120.63.153
34.160.19.107
34.98.64.218
35.241.31.249
35.244.174.68
43.152.26.154
43.152.26.221
46.228.174.117
47.243.203.231
51.89.9.253
54.77.9.4
54.82.32.1
61.91.93.45
61.91.93.46
63.32.253.3
65.9.66.122
69.173.144.138
76.223.111.18
77.245.57.78
95.101.149.233
95.101.149.35
98.98.134.241
99.81.22.6
99.86.4.39
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
00fc88183f43638dc6d305d3cdcd5ae5d9ba2ae985917f14fbb23d838913b900
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01f424785687f09ef9654be48d2aa3f54b7ecf8118fbdf2f58a1445d8b5216c1
04bcd0aa4a3785e8142d178adbf96730f06f349d38594dc187ba27563ca6db39
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
0814fdbb3bc4449c30e5ba38576219e29c50cdf80c0f858e3eb863045bf44f41
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
0a1f7d11749db8df0d0179178998905bbf108f7d1f20f1a2b4926c3f234d209d
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b39ec875775ede95411adcd3d901789fa99ae7ceb76c5f59e09c38ea3235006
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc98c135a2fc30eb81a14617a47ff036f4c71bfc80dbb1f24e47908c9188862
108b42dd2e142e268fdca69ffb1be33cee1c57b3a9d6f5a5700dde21ab6aba59
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1150925cc59c7046516a9aaaf3d9add1cd9cce4f6a5002154a4cfe3432906427
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312
13e422899dca02f769891a2c3d64bf4f4d301f7e52cc339d5f6fdbe066d17e8a
18324f20e30b230d6c4730fe261513ec183e4f827d408524679859883abcdcfa
19b40828f35aad4ecd875b029b522cfc31d2991b8c27fa001e27598245127057
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1af5312a150b7851c9ed2bed717f00b92549ce0ac595fb50773ec89539c5c2f2
1b5b12f9317278da291368890d1426415eceea3333c9d903f4113ce7b0ffc67c
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1cb6969420827a8f3f818b65291d02511a4fb69ed0fa54da6d96e97c9d258251
1ea85b9dc03f0214ce8e74e92e57f0019f9e5e2c08c7ea51e154d87c347c0453
1f0830adc526d413b6f8c3cff6c2fc0ed15c28f48fbd5913023bda5b4bc165df
1f6ba14f54fae7707c21cf8b7609b7ab8cfc5244907b3be35a48a76fd2a5ac4c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
24d69d92d039760367c17f1b3dc994220ff4471139e943cd24c87ab90f734713
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27e3898e078a99fc5f43b11cbef454a94563852fc306e3a9f163146e02751a19
2ac05fa6e28bdd8a7dae41f39d4f0d1d1fdd2375132dc85e99a9e35fbb24d880
2ad2e0dabfe69db1f2fa50e28da4cff673db42de2a7c9990610dc913ae7f8ab5
2babcf71e41ee65d1ff30a901411c192d1e6778bf832eacc79dd052ac02d9167
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2ca9853f1423af32773c5b787cf035d084c70048be75cbeaa1cd0470a041029b
2d50995123063f4a744935b06b9b5e7a0b4c4abc9f7e9f79e324a7f4f7f30933
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efaebd58a04587ebd6326f582a8fd4f808235be86d6cbc98b0851a3d5ca747c
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3207f1c85df46208d16f0493aec0d9743fb9494b217fc4370905a72f9441d5ac
32d4e32610f665f17e5f51340879ea8ef32485270d3e74e8e70eeae967b32cfd
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
37e6c1b718f34460b662d4897568bc7864b0f716c7cc76bfe137247d912e8f25
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3a36143c24ad3241a6408ace8e7dac759b64a3ff46a9ab8232aa6f38f9e89636
3ba581f6451f9e7c0442131f9c1570a11e518d15f04a517754fd95ce3f4ee1e1
3c10c54eacf495a5e2b88d4c27cc80545015a2c5ad53125324a52e9d6dabd10b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fd13b0daf2652dbdb226aa907f3bca0cf7d986fe8445cb6beff7f22da20f43f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
4269a49d14c62a9c3bf2ddf644e9943f49bb2a6dd211264e27d2da9780658557
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44760e9ed01d417af431b989a3d9b3cf95c6141d5bced95ae09d3fa5da3d740d
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
4668eca6b5fb46926e95c85f6085b09366fe90bcf5e777ae022ec2685543bc01
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6814b94c4909b1e575a1f1b2d29ffe0f49125855d4449da3945f5c9d562ae2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eec4089844922556f5a1709036f737cec18ea98cb97d30ae4e6660ca772fa48
4f3e2fc1a111e3ffc785a9729d3c360c1d45f9400bba7a29920f3769837559b2
4fd08991cc0d265646431832f91dd7d41714becd4b410fc366701d1d72e1c5ea
50b19099ebca11eae52e56b077ea2f8d618a21e6a9657a8de01467f764ef910f
50ead8ea1ce009d64e0c5bfff85a20145861f002264a9353cc5ceb3d379e41fd
511eb5c2eac55f624b74b7571e7e351ddafac45b2686db1b690447098e79d888
52ded13dcfc77995e73e1e13f80f2a7c05a9cd67e053116fa085af8631410547
53063b6a9d9d95002adaa6167563f8851385774ebf2ba793ca2469320e3c000f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a6467f0a4c70cf448d6c8e2f83356284d3c1e34ecee935b05681e5e25d3bc09
5aa6eea82bcba15142ef1b92cc7dfe31d60b222c1d989bae19400130db61b3b8
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5bf7724d62557cbb156e410f424acf0d48a3f5b6db47b4ba25db0699d9e1305a
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
65177392856af280f032ec6c9a04dbf090a2ad89caca956cc24bf0e16fca2e1f
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
66cbd1268a65ce2fd800b77c2428bde15e551664edcb672b00018a2ab9884b69
6861f9f2f57c52ba68a388c4ff9a4d7245a312bdf5222c359f72f66a25cce51e
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
69a3aa7096eb4fe5cd23a36f16814bcfcd7c684a78074d2da263bef7ee712963
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dafc9980703198efd207bec78d93964a8dadc6aa2481ce5cf72f964e4d20740
6f2f49b5c497f52e4067c4244ee77420957ae0a91481d0f68d3362a787331ae5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70e89c9616e7673e29b7991a637d7d7051914797b401a4d55bb3d4732842c641
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71e108af5183f2557e792c3688c4eaf13b4c24f82633c396fb4de9c87926250b
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73aca4fc273d9dc96c03f6fe1390d48f54fb71f58bd0bb3a1830117434d2009a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745f76c8d7cfbe00c5f1d9cd212b35730ca273ebdf6f8b0f3f4f69e0ccb2ba29
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e
76e4852c851555c6b586f347e44f9fb29182fa33832191eb133e5f1ca03fd521
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
772b5a4ad62b4a9349a56a97c3689ae34c9d05fb3b89ed18b1b28881dae213a1
79e1fba37bade20df475f489bd8599c09a2e6a43d36b1e9989a961283056088b
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c2a85f42b82e94725a0f9c7b9536905f9b5e8bb103d52c08fd6e1373831eb2
84dbea809787acd9c5c767113eb3f7bc492f55812613c10507f66f10d205db36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
881d5052428a5885d84fe92df0ed357f7026e44ff2b391ddfe6641b82c0a822d
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8ab3839a039554c34cf56516076ed6ad88d939ded7cb3ba620e0a7beaf301b9d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d6d6e3aaf9c286d3dd42f481878f43393ec8a26b2698f4eb221ade3d12ef73a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
92ed6bccd233674d98f513f8294070d3348a080adba4db8572a995e686cb8692
94ef9ea225fbbc06f4a4f3ec520721adc948170236ddb9c31f4c137571c2865d
99bceaf8b7d56a04c4529d33ed5bdea71fb0396ee8a9abdd787b52b6e878a837
99d8d854ea87a6a5ffc47e1b70ae93331b174e0c87ae285f602a4a35f7a4b790
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aab030521296163f799c5489a3827c4d54c218ef4b96b376574dda76a8089c2
9af2e571241252feefc875c677dcad1145fe2146c76ccbd989cc4bfbc03f9ffa
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9d8ff28e956643ad952069a12f38c79cd8bfde6985faad3f81ad6ddded87d8ba
9fcb61b1ebede6235a8da1e9c82dce2dd5945790bcc05f20c8e257e8931a182e
9fee8e799a99f9bbdecfa6fb693a40c1f95e8599206fb941280e49b99ba5d22d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8
a4363bbb20011c20023fbbe2104b220da4d059493b4bf7ce5b45beda053896cb
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58069f865739d0b8ced7cc628818c2db43bf28a8aa132cb2b867054c9a50e45
a7541fc5c9a11282980ed923f9b2f1827738f86dee00d52a7b3bd71b640133d1
a87dd6dc8d0ff01fc3786b4f6fbd34142ad05caa1ce524d15799fab73680081d
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aacae4092a3c76743ece198017d03a00476a59bfee4e141b1a46bdc0caeb0a93
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ad75c1e58779d85bb140d16e1375e9b7d3f1dde53b194bf8313bb7a44ebc0d26
b01b431a4fa2559f97121c5e811606e82505bf2f5bf226636b10899a6c7d0305
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e736111173a1817b31f7f1329e9db9b3053c35c702bdbe821f10237eb87d51
b2bb8debb0b4e407cc789a3841d55f3c8e9f7804e91e77a056b529de9803f42c
b403df12963df5ae06f1d55491e0713c094cdc53bf5518b7527aaf5cf51e25ae
b42b239e61cc28fd9d4926a927a5c1204bcd4972e8807f89c94c9caff7b9101b
b50699f7941847172dd7c1af4a423eb3ecf9fe4008cc65837f6e5015d48d50fa
b54468ec1cdd0686c619fa6353b05e6c1d2b86faf064ad2199c7b323aad7d2a6
b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
bb9ed1770e9024deb98eee45ba561267d7ef74129e952928e7d62d581948bc0e
bceb9a4db167f178f53e17480e354065eba7d07917e41360546d30137c0d9a94
bd9cc06630c7efc0bd58d1ededb887b352e8c7908f5d3f45414e38e9dc997967
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
c126411169021a699eb16ebddcbb12f53fcb9a66007c85b474f81d77c6dd9aa4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3813c365a68f751e0318f94fa197415d1adf39a01cd4836cd3ea0585bae9a6d
c60e2fc9ce0914bf1cf11e141c745da30edc15af953fd6682d0d95df5d83f809
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c86f3e45e9a499c07faeb462cd04142feb57d7bb52f95fd908c5197057c374a1
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
c8947d2159e25be7db4efacbdb0b42d39170c6934cb5b59bbcad67d6531d9c0b
c9a6aee0a88b459c2c350401d70e6153c928dd82f122c936376cf56dcc155231
cb4ad9fca15600096a8d9107572e52f9c6f1cd930e9b6dbcf0954192c786da14
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d089e53c4e472949600c5baac5b68139e9ed3ce4befd2b4188b5c41fb2604855
d1247d96307e72425b2cc053be1316cc0cc7ca2d5a0abcbbd2108254ad3c9edf
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339
d3025663994bcd2f01f67ef22305550ba725becae4b6cf82733c24fa27f96acd
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d85f8f76581983eb6f9c4d761d48b5d6cf4505003cbd7c95d3f08fe0e124f944
db79889f24e1ad1bfbb2d036d90c6bd4d17e86e88ac1a793247e28499b2d6ac1
dbc8e7010be7250d7092fa7cdfc81186f97e3abf060d836d4054ba37f1160ce3
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5
dcf1a54a6538fd9c42fa504bd7608af25f6cace6f801a65c506b599a557559ed
dd7b3b2db863abe2ccb2bae3f5e3e8df5d551f09460e8cc0ba40e2a0b5053c75
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f1818639a6eec8e350d3a5920b34d20d2b1a7a78d357b2c5daec07cf0f4d2f
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9f2490370d0efc65f52ab490598f97f008d4b63d8c887e0bde1be24aa3d6e
e4e7f3df7400e43beea38551923b937272d4fb948f49028be72d2d1a84bc56a6
e5988ee27dd76b2e61a995185ae3ec813ff02f18d2b7664bf59e0fd54d6ae5da
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e703a095f6114a9905c889cd75b7bd1059a758b00d3c01ca55f3f064a686a389
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eacdfd7be587bedc9b4388ca9780b8b8dc713d666d370bc0999bbca1895a9151
eaf9f07c34bff73d9c54dd264f724891212791661d59d6bf695ca8085d6cd9b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf5cf19fa85620740e3df7dfa787eb668ced7608eb1be570a3d1ba1f4dff560
ee4af143a6a0a29cda4f26e4e9e05fbc58918dfa32bb26bb7f43b266afc0a085
ee792d6654698f7c088a8ae05942488f954ce013109bd82c4c1c37eb38f6148b
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
f041fff4bfe058c4e6796a635a6fe873bc3cdb6f68205ae7e070b500b3dca793
f142eea6a2603d113030e23e07cfe140c533556b53118db5114182d4f1537e0e
f2bbee18905a06e3899c21b5437cf261698ac93e723593050f3d257415514633
f3b18d283554f1aff7785b2cf1341ac8c4e92079d44319561a6427057321b5e6
f511d64ff16d00cb069caf0cd81f4fb2d1d16e22bb395d118249fb57c2a85a86
f53aba488c5a13c9baaf68c26417f3e0a04a5cdcec9ada04a6562e8a37af6b74
f57f24935c797b2197b123122ac229abc2bcb446ec3960765bcbd2c02e687b4f
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f9165c80da56686b2a76368c54c8278662471d3c932fe6dced53ef01b327927e
fb341be84f1940a0c05ddb4be2e29409183cd3a0dff27db681c787b1c247c8b7
fcfce8c1786e5b1aa81cc8f77d993172d4c4a99a3d0ca2c5234ff10658c1ce01
fe00fe0cd2d9d5daf36801a5e2a5b72a39090003ed239fd412a0e789b2e97c63
fee99ad0bd0cd5995682405178d9d2ede85fed5c79f543d8b740f53395291f64